>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-6(6)Least Privilege

Technical

>Control Description

LEAST PRIVILEGE | PRIVILEGED ACCESS BY NON-ORGANIZATIONAL USERS The organization prohibits privileged access to the information system by non-organizational users. Related control: IA-8.

>Tailoring Guidance

This security control/enhancement is not suggested for inclusion in a departmental profile. However, it is recommended that organizations give the security control/enhancement due consideration. There may be a requirement for outside personnel to have privileged access to systems in order to perform maintenance.

In all cases, these people should be supervised and their actions carefully audited.

Ask AI

Configure your API key to use AI features.