An error occurred:

CCI-002186

CCI-002186 Definition

Employ an audited override of automated access control mechanisms under organization-defined conditions by organization-defined roles.
Status
Type CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if an audited override of automated access control mechanisms is employed under [Assignment: conditions under which to employ an audited override of automated access control mechanisms are defined] by [Assignment: roles allowed to employ an audited override of automated access control mechanisms are defined].

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing access enforcement; system design documentation; system configuration settings and associated documentation; conditions for employing audited override of automated access control mechanisms; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with access enforcement responsibilities; system/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing access enforcement functions].