NIST SP 800-53

Control(s) Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. Additional...

Control(s) a. Develop, document, and disseminate to [Assignment: organization-defined personnel or roles]: 1. [Selection (one or more): Organization-level; Mission/business process-level;...

Control(s) [Withdrawn: Incorporated into AC-14.] Additional Details (Discussion) N/A Related Control(s) Reference(s) NIST SP 800-53 Rev-5

Control(s) a. Define and document the types of accounts allowed and specifically prohibited for use within the system; b. Assign...

Control(s) Enforce dual authorization for [Assignment: organization-defined privileged commands and/or other organization-defined actions]. Additional Details (Discussion) Dual authorization, also known...

Control(s) Support the management of system accounts using [Assignment: organization-defined automated mechanisms]. Additional Details (Discussion) Automated system account management includes...

Control(s) Enforce [Assignment: organization-defined mandatory access control policy] over the set of covered subjects and objects specified in the policy,...

Control(s) Automatically [Selection: remove; disable] temporary and emergency accounts after [Assignment: organization-defined time period for each type of account]. Additional...

Control(s) Enforce [Assignment: organization-defined discretionary access control policy] over the set of covered subjects and objects specified in the policy,...

Control(s) Disable accounts within [Assignment: organization-defined time period] when the accounts: (a) Have expired; (b) Are no longer associated with...