An error occurred:

© 2025 Xylok, LLC

Version: features-advanced-collector-898c2c - rmfrev4

Navigate

CCI-000003

CCI-000003 Definition

Review and update the current access control policy on an organization-defined frequency.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000003.

Control

Description

The organization:

a: Develops, documents, and disseminates to [one of ]:
- 1: An access control policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- 2: Procedures to facilitate the implementation of the access control policy and associated access controls; and

b: Reviews and updates the current:
- 1: Access control policy [one of ]; and
- 2: Access control procedures [one of ].