Navigate

CCI-000042

CCI-000042 Definition

The organization documents the rationale for authorized network access to organization-defined privileged commands in the security plan for the information system.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents the rationale for authorized network access to privileged commands defined in AC-6 (3), CCI 1420 in the security plan for the information system.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented rationale to ensure the organization being inspected/assessed documents the rationale for authorized network access to privileged commands defined in AC-6 (3), CCI 1420 in the security plan for the information system.

Compelling Evidence

1.) Applicable STIG/SRG checks

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000042.

Control	Description
AC-6 (3)	The organization authorizes network access to [Assignment: organization-defined privileged commands] only for [Assignment: organization-defined compelling operational needs] and documents the rationale for such access in the security plan for the information system.