Skip to main content

πŸ’Ό AC-5 SEPARATION OF DUTIES

  • Contextual name: πŸ’Ό AC-5 SEPARATION OF DUTIES
  • ID: /frameworks/nist-sp-800-53-r4/ac/05
  • Located in: πŸ’Ό AC ACCESS CONTROL

Description​

The organization: AC-5a. Separates [Assignment: organization-defined duties of individuals]; AC-5b. Documents separation of duties of individuals; and AC-5c. Defines information system access authorizations to support separation of duties.

Similar​

  • Internal
    • ID: dec-c-659cb88b

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties1735
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.DS-5: Protections against data leaks are implemented4351

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (3)​

PolicyLogic CountFlags
πŸ“ AWS Account Root User credentials were used is the last 30 days πŸ”΄πŸŸ’1πŸ”΄ x1, 🟒 x6
πŸ“ AWS IAM Policy allows full administrative privileges 🟒1🟒 x6
πŸ“ AWS IAM User has inline or directly attached policies 🟒1🟠 x1, 🟒 x5

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-157aa4b91
βœ‰οΈ dec-x-4157c58a1
βœ‰οΈ dec-x-e58fd8e01