💼 AC-8 SYSTEM USE NOTIFICATION
- ID:
/frameworks/nist-sp-800-53-r4/ac/08
Stats​
not available
Description​
The information system: AC-8a. Displays to users [Assignment: organization-defined system use notification message or banner] before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance and states that: AC-8a.1. Users are accessing a U.S. Government information system; AC-8a.2. Information system usage may be monitored, recorded, and subject to audit; AC-8a.3. Unauthorized use of the information system is prohibited and subject to criminal and civil penalties; and AC-8a.4. Use of the information system indicates consent to monitoring and recording; AC-8b. Retains the notification message or banner on the screen until users acknowledge the usage conditions and take explicit actions to log on to or further access the information system; and AC-8c. For publicly accessible systems: AC-8c.1. Displays system use information [Assignment: organization-defined conditions], before granting further access; AC-8c.2. Displays references, if any, to monitoring, recording, or auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities; and AC-8c.3. Includes a description of the authorized uses of the system.
Similar​
- Internal
- ID:
dec-c-35cbbfe7
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks) | 20 | 24 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|