💼 b. access to, and configuration of, information assets is restricted to the minimum required to achieve business objectives. This is typically referred to as the principle of ‘least privilege’ and aims to reduce the number of attack vectors that can be used to compromise information security;
- ID:
/frameworks/apra-cpg-234/a/1/b
Description
Empty...
Similar
- Internal
- ID:
dec-c-963930b2
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS EC2 Instance IAM role is not attached🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has inline or directly attached policies🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ Azure Key Vault Role Based Access Control is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-6c93750d | 1 | |
| ✉️ dec-x-4157c58a | 1 | |
| ✉️ dec-x-c8041456 | 1 |