Navigate

AC-16(2)

AC-16(2): Attribute Value Changes by Authorized Individuals

Provide authorized individuals (or processes acting on behalf of individuals) the capability to define or change the value of associated security and privacy attributes.

Supplemental

The content or assigned values of attributes can directly affect the ability of individuals to access organizational information. Therefore, it is important for systems to be able to limit the ability to create or modify attributes to authorized individuals.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
CDS - Access, CDS - Multilevel, CDS - Transfer, DAF Baseline, NC3

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-16(2).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AC-16(2).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-16(2).

CCI	Definition
CCI-001425	Provides authorized individuals (or processes acting on behalf of individuals) the capability to change the value of associated security attributes.
CCI-002277	Provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated security attributes.
CCI-003715	Provides authorized individuals (or processes acting on behalf of individuals) the capability to change the value of associated privacy attributes.
CCI-003716	Provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated privacy attributes.