Warning: count(): Parameter must be an array or an object that implements Countable in /homepages/5/d397901817/htdocs/clickandbuilds/WordPress/fedramp/wp-content/plugins/q-and-a-focus-plus-faq/inc/functions.php on line 250
The Access Control (AC) objective is based around the policies and procedures in place at a 3pao to limit access to various resources within the environment to appropriate individuals. Below is a list of the various activities that are required to be implemented to address and mitigate access control related risks.
- Access Control Policy and Procedures
- Account Management
- Access Enforcement
- Information Flow Enforcement
- Separation of Duties
- Least Privilege
- Unsuccessful Login Attempts
- System Use Notification
- Concurrent Session Control
- Session Lock
- Permitted Actions Without Identification/ Authentication
- Security Attributes
- Remote Access
- Wireless Access
- Access Control for Mobile Devices
- Use of External Information Systems
- Publicly Accessible Content
← FedRAMP FAQ