|
control enhancementAC-3(4)
Discretionary Access Control (AC-3(4))
Enforce [organization-defined] over the set of covered subjects and objects specified in the policy, and where the policy specifies that a subject that has been granted access to information can do one or more of the following:
access-controlauthorizationleast-privilegeenhancement
Why These Connect
Enhances1
These enhancements add specific capabilities or refinements to the base control.