CCI-002220
CCI-002220 Definition
Define system access authorizations to support separation of duties.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed defines and documents the information system access authorizations to support separation of duties.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented information system access authorizations to ensure the organization being inspected/assessed defines information system access authorizations to support separation of duties.
Compelling Evidence
1.) Signed and dated access control policy 2.) Job description documentation 3.) Signed and dated documentation that defines the information system access authorizations to support separation of duties.