>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-16(4)Security Attributes

PBMM (P2)
Secret (P2)
Technical

>Control Description

SECURITY ATTRIBUTES | ASSOCIATION OF ATTRIBUTES BY AUTHORIZED INDIVIDUALS The information system supports the association of organization-defined security attributes with organization-defined subjects and objects by authorized individuals (or processes acting on behalf of individuals).

>Supplemental Guidance

The support provided by information systems can vary to include: (i) prompting users to select specific security attributes to be associated with specific information objects; (ii) employing automated mechanisms for categorizing information with appropriate attributes based on defined policies; or (iii) ensuring that the combination of selected security attributes selected is valid. Organizations consider the creation, deletion, or modification of security attributes when defining auditable events.

>Tailoring Guidance

Control enhancement (2) and (4) allow authors and other authorized entities to assign security labels to resources.

Ask AI

Configure your API key to use AI features.