CCI-002126
CCI-002126 Definition
Authorize access to the system based on a valid access authorization.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed authorizes access to the information system based on the access authorization process. The organization being inspected/assessed maintains an audit trail of approved access.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the audit trail of approved access to ensure the organization being inspected/assessed authorizes access to the information system based on the access authorization process.
Compelling Evidence
1.) Signed and dated system security plan (SSP), referencing section which defines access authorization procedures. 2.) Audit trail of approved access.