CCI-000070

CCI-000070 Definition

Authorize the execution of privileged commands via remote access only in a format that provides assessable evidence for organization-defined needs.

Status
Type	CheckType.policy

The controls below (if any) were marked by NIST as being related to CCI-000070.

Control	Description
AC-17(4)	The organization: (a): Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [one of ]; and (b): Documents the rationale for such access in the security plan for the information system.