CCI-002118
CCI-002118 Definition
Specify authorized access authorizations (i.e., privileges) for each account.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents access authorizations (i.e., privileges) for each account on the information system.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented list of access authorizations for a sampling of information system accounts to ensure that the access authorizations are specified.
Compelling Evidence
1.) Signed and dated documentation that specifies access authorizations (i.e., privileges) for each account on the information system and defines the list of privileges for those accounts. 2.) Sampling of information system accounts