|
controlPL-4
Rules of Behavior (PL-4)
Establish and provide to individuals requiring access to the system, the rules that describe their responsibilities and expected behavior for information and system usage, security, and privacy; Receive a documented acknowledgment from such individuals, indicating that they have read, understand, and agree to abide by the rules of behavior, before authorizing access to information and the system; Review and update the rules of behavior [organization-defined] ; and Require individuals who have ac
Security Baselines
LOWMODERATEHIGH
planningsecurity-plan
Why These Connect
Baselined In3
This control is included in the linked security baseline (LOW, MODERATE, or HIGH).
Supports35
These related controls work together — a change to one may affect the others.
Enhances1
These enhancements add specific capabilities or refinements to the base control.
Related Controls(20)
AC-2Account Management (AC-2)
LMH
AC-8System Use Notification (AC-8)LMH
AC-9Previous Logon Notification (AC-9)AC-11Device Lock (AC-11)MH
AC-17Remote Access (AC-17)LMH
AC-18Wireless Access (AC-18)LMH
AC-19Access Control for Mobile Devices (AC-19)LMH
AC-20Use of External Systems (AC-20)LMH
AT-2Literacy Training and Awareness (AT-2)LMH
AT-3Role-based Training (AT-3)LMH
CM-11User-installed Software (CM-11)LMH
IA-2Identification and Authentication (Organizational Users) (IA-2)LMH
IA-4Identifier Management (IA-4)LMH
IA-5Authenticator Management (IA-5)LMH
MP-7Media Use (MP-7)LMH
AC-6Least Privilege (AC-6)MH
PS-6Access Agreements (PS-6)LMH
PS-8Personnel Sanctions (PS-8)LMH
SA-5System Documentation (SA-5)LMH
SI-12Information Management and Retention (SI-12)LMH