Navigate

CCI-002225

CCI-002225 Definition

Provide separate processing domains to enable finer-grained allocation of user privileges.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if separate processing domains are provided to enable finer-grain allocation of user privileges.

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing least privilege; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for defining least privileges necessary to accomplish specified tasks; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing least privilege functions].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002225.

Control	Description
AC-6(4)	Provide separate processing domains to enable finer-grained allocation of user privileges.