💼 5.18 Access rights
- ID:
/frameworks/iso-iec-27001-2022/05/18
Description
Access rights to information and other associated assets shall be provisioned, reviewed, modified and removed in accordance with the organization’s topic-specific policy on and rules for access control.
Similar
- Internal
- ID:
dec-c-5909ec41
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (6)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS EC2 Instance IAM role is not attached🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has inline or directly attached policies🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ Azure Non-RBAC Key Vault stores Keys without expiration date🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Non-RBAC Key Vault stores Secrets without expiration date🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure RBAC Key Vault stores Keys without expiration date🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure RBAC Key Vault stores Secrets without expiration date🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-0feec790 | 2 | |
| ✉️ dec-x-6c93750d | 1 | |
| ✉️ dec-x-82ca4127 | 2 | |
| ✉️ dec-x-4157c58a | 1 |