Navigate

CCI-002219

CCI-002219 Definition

Defines the duties of individuals requiring separation.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if [AC-05_ODP; duties of individuals requiring separation are defined] are identified and documented.

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing divisions of responsibility and separation of duties; system configuration settings and associated documentation; list of divisions of responsibility and separation of duties; system access authorizations; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for defining appropriate divisions of responsibility and separation of duties; organizational personnel with information security responsibilities; system/network administrators]. Test: [SELECT FROM: Mechanisms implementing separation of duties policy].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002219.

Control	Description
AC-5	a: Identify and document [duties of individuals requiring separation are defined;] ; and b: Define system access authorizations to support separation of duties.