Under active development — Content is continuously updated and improved

Home / Frameworks / TX-RAMP / AC — Access Control

AC — Access Control

33 controls in the Access Control family

AC-1Policy and Procedures

AC-2Account Management

AC-2(3)Account Management | Disable Accounts

AC-2(5)Account Management | Inactivity Logout

AC-2(7)Account Management | Privileged User Accounts

AC-2(9)Account Management | Restrictions on Use of Shared and Group Accounts

AC-2(12)Account Management | Account Monitoring for Atypical Usage

AC-3Access Enforcement

AC-4Information Flow Enforcement

AC-5Separation of Duties

AC-6Least Privilege

AC-6(1)Least Privilege | Authorize Access to Security Functions

AC-6(2)Least Privilege | Non-privileged Access for Nonsecurity Functions

AC-6(5)Least Privilege | Privileged Accounts

AC-6(7)Least Privilege | Review of User Privileges

AC-6(9)Least Privilege | Log Use of Privileged Functions

AC-6(10)Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions

AC-7Unsuccessful Logon Attempts

AC-11Device Lock

AC-12Session Termination

AC-14Permitted Actions Without Identification or Authentication

AC-17Remote Access

AC-17(1)Remote Access | Monitoring and Control

AC-17(2)Remote Access | Protection of Confidentiality and Integrity Using Encryption

AC-17(3)Remote Access | Managed Access Control Points

AC-17(4)Remote Access | Privileged Commands and Access

AC-17(9)Remote Access | Disconnect or Disable Access

AC-18Wireless Access

AC-19Access Control for Mobile Devices

AC-19(5)Access Control for Mobile Devices | Full Device or Container-based Encryption

AC-20Use of External Systems

AC-20(1)Use of External Systems | Limits on Authorized Use

AC-22Publicly Accessible Content

← Back to all controls