Navigate

CCI-001621

CCI-001621 Definition

Implement organization-defined security controls to manage the risk of compromise due to individuals having accounts on multiple systems.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if [IA-05(08)_ODP; security controls implemented to manage the risk of compromise due to individuals having accounts on multiple systems are defined] are implemented to manage the risk of compromise due to individuals having accounts on multiple systems.

Validation Procedures

Examine: [SELECT FROM: Identification and authentication policy; procedures addressing authenticator management; system security plan; list of individuals having accounts on multiple systems; list of security safeguards intended to manage risk of compromise due to individuals having accounts on multiple systems; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with authenticator management responsibilities; organizational personnel with information security responsibilities; system/network administrators]. Test: [SELECT FROM: Mechanisms supporting and/or implementing safeguards for authenticator management].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001621.

Control	Description
IA-5(8)	Implement [security controls implemented to manage the risk of compromise due to individuals having accounts on multiple systems are defined;] to manage the risk of compromise due to individuals having accounts on multiple systems.