💼 AC-5 SEPARATION OF DUTIES
- Contextual name: 💼 AC-5 SEPARATION OF DUTIES
- ID:
/frameworks/nist-sp-800-53-r4/ac/05 - Located in: 💼 AC ACCESS CONTROL
Description
The organization: AC-5a. Separates [Assignment: organization-defined duties of individuals]; AC-5b. Documents separation of duties of individuals; and AC-5c. Defines information system access authorizations to support separation of duties.
Similar
- Internal
- ID:
dec-c-659cb88b
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties | 17 | 52 | ||
| 💼 NIST CSF v1.1 → 💼 PR.DS-5: Protections against data leaks are implemented | 47 | 66 |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)
| Policy | Logic Count | Flags |
|---|---|---|
| 📝 AWS Account Root User credentials were used is the last 30 days 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM Policy allows full administrative privileges 🟢 | 1 | 🟢 x6 |
| 📝 AWS IAM User has inline or directly attached policies 🟢 | 1 | 🟠 x1, 🟢 x5 |
| 📝 Google User has both Service Account Admin and Service Account User roles assigned 🟢 | 1 | 🟢 x6 |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-157aa4b9 | 1 | |
| ✉️ dec-x-4157c58a | 1 | |
| ✉️ dec-x-e58fd8e0 | 1 |