Navigate

AC-16(6)

AC-16(6): Maintenance of Attribute Association by Organization

The organization allows personnel to associate, and maintain the association of [organization-defined security attributes] with [organization-defined subjects and objects] in accordance with [organization-defined security policies].

Supplemental

This control enhancement requires individual users (as opposed to the information system) to maintain associations of security attributes with subjects and objects.

CIA Levels
Confidentiality	high
Integrity	high
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-16(6).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AC-16(6).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-16(6).

CCI	Definition
CCI-002291	Defines the security policies to be followed by personnel when associating organization-defined security attributes with organization-defined subjects and objects.
CCI-002292	Defines the security attributes which are to be associated with organization-defined subjects and objects.
CCI-002293	Defines the subjects to be associated, and that association maintained, with organization-defined security attributes in accordance with organization-defined security policies.
CCI-002294	Defines the objects to be associated, and that association maintained, with organization-defined security attributes in accordance with organization-defined security policies.
CCI-002295	Require personnel to associate organization-defined security attributes with organization-defined subjects in accordance with organization-defined security policies.
CCI-002296	Require personnel to associate organization-defined security attributes with organization-defined objects in accordance with organization-defined security policies.
CCI-002297	Require personnel to maintain the association of organization-defined security attributes with organization-defined subjects in accordance with organization-defined security policies.
CCI-002298	Require personnel to maintain the association of organization-defined security attributes with organization-defined objects in accordance with organization-defined security policies.