AC-2(7) - Account Management | Privileged User Accounts

(a) Establish and administer privileged user accounts in accordance with [Selection: a role-based access scheme; an attribute-based access scheme]; (b) Monitor privileged role or attribute assignments; (c) Monitor changes to roles or attributes; and (d) Revoke access when privileged role or attribute assignments are no longer appropriate.


Informational References

ISO 27001

ID: AC-2(7)
Enhancement of : AC-2

Countermeasures Covered by Control

ID Name Description D3FEND

Space Threats Tagged by Control

ID Description

Sample Requirements

Requirement

Related SPARTA Techniques and Sub-Techniques

ID Name Description