An error occurred:

© 2025 Xylok, LLC

Version: v2025.01.1-ecbf-066d

Navigate

AC-17(4)

AC-17(4): Privileged Commands / Access

The organization:

(a): Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [one of ]; and

(b): Documents the rationale for such access in the security plan for the information system.

Supplemental

CIA Levels
Confidentiality	low
Integrity	low
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-17(4).

Control	Description
AC-6	The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Enhancements

The controls below (if any) add on to the requirements of AC-17(4).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-17(4).

CCI	Definition
CCI-000070	Authorize the execution of privileged commands via remote access only in a format that provides assessable evidence for organization-defined needs.
CCI-002316	Authorize access to security-relevant information via remote access only in a format that provides assessable evidence for organization-defined needs.
CCI-002317	Defines the needs for when the execution of privileged commands via remote access is to be authorized.
CCI-002318	Defines the needs for when access to security-relevant information via remote access is to be authorized.
CCI-002319	Document the rationale for authorization of the execution of privilege commands via remote access.
CCI-002320	Document the rationale for authorization of access to security-relevant information via remote access.