💼 A.9.2.3 Management of privileged access rights

• Contextual name: 💼 A.9.2.3 Management of privileged access rights
• ID: /frameworks/iso-iec-27001-2013/09/02/03
• Located in: 💼 A.9.2 User access management

Description

The allocation and use of privileged access rights shall be restricted and controlled.

Similar

• Internal
  • ID: dec-c-aaa0298f

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes		19	30
💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties		17	52
💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented		47	66

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (8)

Policy	Logic Count	Flags
📝 AWS Account IAM Access Analyzer is not enabled for all regions 🟢	1	🟢 x6
📝 AWS IAM Policy allows full administrative privileges 🟢	1	🟢 x6
📝 Azure App Service Authentication is disabled and Basic Authentication is enabled 🟢	1	🟢 x6
📝 Azure App Service Basic Authentication is enabled 🟢		🟢 x3
📝 Consumer Google Accounts are used 🟢		🟢 x3
📝 Google GCE Instance is configured to use the Default Service Account with full access to all Cloud APIs 🟢	1	🟢 x6
📝 Google IAM Users are assigned the Service Account User or Service Account Token Creator roles at Project level 🟢	1	🟢 x6
📝 Google User has both Service Account Admin and Service Account User roles assigned 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-157aa4b9	1
✉️ dec-x-ab7fc52e	1
✉️ dec-x-ca52f63a	2