Overview: The organization employs automated mechanisms to support the management of information system accounts. Supplemental Guidance: The use of automated mechanisms can include, for example: using email or text messaging to automatically notify...
Access Control (AC)
Overview: The information system limits the number of concurrent sessions for each [Assignment: organization-defined account and/or account type] to [Assignment: organization-defined number]. Supplemental Guidance: Organizations may define the maximum...
Overview: The information system automatically disables inactive accounts after [Assignment: organization-defined time period]. Action Items: 1) Disable inactive accounts on a predefined basis Related Documents: 1) Access Control Policy 2) Identity and...
Overview: The organization provides the capability to expeditiously disconnect or disable remote access to the information system within [Assignment: organization-defined time period]. Supplemental Guidance: This control enhancement requires...
Overview: The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices]. Supplemental Guidance: Container-based...
Overview: The information system terminates shared/group account credentials when members leave the group. Action Items: 1) Terminate shared account credentials when members leave the group Related Documents: 1) Access Control Policy 2) Identity and...
Overview: The organization requires that users log out when [Assignment: organization-defined time-period of expected inactivity or description of when to log out] Related control: SC-23 Action Items: 1) Enable logouts due to a specific period of...
Overview: The information system enforces approved authorizations for controlling the flow of information within the system and between interconnected systems based on [Assignment: organization-defined information flow control policies]. Supplemental...
Overview: The organization: a. Facilitates information sharing by enabling authorized users to determine whether access authorizations assigned to the sharing partner match the access restrictions on the information for [Assignment: organization...
Overview: The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and...