Overview:
The organization:
(a) Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [Assignment: organization-defined needs]; and
(b) Documents the rationale for such access in the security plan for the information system.
Related Controls: AC-6.
Action Items:
1) Define all allowed remotely executed privileged commands and document the rationale
Related Documents:
1) Access Control Policy
2) Remote Access Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 41
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-privileged-commands-access-ac-17-4-41.html