Navigate

RA-5(5)

RA-5(5): Privileged Access

The information system implements privileged access authorization to [one of ] for selected [one of ].

Supplemental

In certain situations, the nature of the vulnerability scanning may be more intrusive or the information system component that is the subject of the scanning may contain highly sensitive information. Privileged access authorization to selected system components facilitates more thorough vulnerability scanning and also protects the sensitive nature of such scanning.

CIA Levels
Confidentiality	low
Integrity	low
Availability	low

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to RA-5(5).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of RA-5(5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to RA-5(5).

CCI	Definition
CCI-001067	Implement privileged access authorization to organization-identified system components for organization-defined vulnerability scanning activities.
CCI-001645	The organization identifies the information system components to which privileged access is authorized for selected organization-defined vulnerability scanning activities.
CCI-002906	Defines the vulnerability scanning activities in which the system implements privileged access authorization to organization-identified system components.