💼 AC-2(7) Privileged User Accounts (M)(H)

ID: /frameworks/fedramp-high-security-controls/ac/02/07

Description

(a) Establish and administer privileged user accounts in accordance with [Selection: Assignment: a role-based access scheme; an attribute-based access scheme];

(b) Monitor privileged role or attribute assignments;

(d) Revoke access when privileged role or attribute assignments are no longer appropriate.

Similar

Sections
- /frameworks/nist-sp-800-53-r5/ac/02/07
Internal
- ID: dec-c-e144afcf

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(7) Account Management _ Privileged User Accounts		1	1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP Moderate Security Controls → 💼 AC-2(7) Privileged User Accounts (M)(H)			7		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (7)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢	1	🟢 x6	no data
🛡️ AWS Account Root User credentials were used is the last 30 days🟢	1	🟢 x6	no data
🛡️ AWS EC2 Instance IAM role is not attached🟢	1	🟢 x6	no data
🛡️ AWS IAM Policy allows full administrative privileges🟢	1	🟢 x6	no data
🛡️ AWS IAM User has inline or directly attached policies🟢	1	🟠 x1, 🟢 x5	no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-6c93750d	1
✉️ dec-x-157aa4b9	1
✉️ dec-x-4157c58a	1
✉️ dec-x-9002886f	1
✉️ dec-x-ab7fc52e	1
✉️ dec-x-dc359e59	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (7)​

Internal Rules​