|
control familyAC
Access Control (AC)
Access Control - Contains 25 controls and 122 control enhancements.
25
Controls
122
Enhancements
access-controlauthorizationleast-privilege
Why These Connect
Maps To1
These are equivalent or closely aligned requirements in other frameworks.
“Access Control maps to CMMC 2.0 Access Control domain”
Addresses Topic3
This control is relevant to the linked cybersecurity topic area.
“Access Control family is the primary control set for identity and access management”
Implements1
These controls provide the technical implementation for the linked requirement.
“Identity Management also relates to Access Control policies”
Implementing Controls
Cross-Framework Mappings(1)
CMMC 2.0CMMC 2.0
Controls(25)
AC-1Policy and Procedures (AC-1)
LMH
AC-2Account Management (AC-2)LMH
AC-3Access Enforcement (AC-3)LMH
AC-4Information Flow Enforcement (AC-4)MH
AC-5Separation of Duties (AC-5)MH
AC-6Least Privilege (AC-6)MH
AC-7Unsuccessful Logon Attempts (AC-7)LMH
AC-8System Use Notification (AC-8)LMH
AC-9Previous Logon Notification (AC-9)AC-10Concurrent Session Control (AC-10)H
AC-11Device Lock (AC-11)MH
AC-12Session Termination (AC-12)MH
AC-13Supervision and Review — Access Control (AC-13)WAC-14Permitted Actions Without Identification or Authentication (AC-14)LMH
AC-15Automated Marking (AC-15)WAC-16Security and Privacy Attributes (AC-16)AC-17Remote Access (AC-17)LMH
AC-18Wireless Access (AC-18)LMH
AC-19Access Control for Mobile Devices (AC-19)LMH
AC-20Use of External Systems (AC-20)LMH
AC-21Information Sharing (AC-21)MH
AC-22Publicly Accessible Content (AC-22)LMH
AC-23Data Mining Protection (AC-23)AC-24Access Control Decisions (AC-24)AC-25Reference Monitor (AC-25)