💼 AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION
- ID:
/frameworks/nist-sp-800-53-r4/ac/14
Description​
The organization: AC-14a. Identifies [Assignment: organization-defined user actions] that can be performed on the information system without identification or authentication consistent with organizational missions/business functions; and AC-14b. Documents and provides supporting rationale in the security plan for the information system, user actions not requiring identification or authentication.
Similar​
- Internal
- ID:
dec-c-6e8a4c99
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties | 17 | 56 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks) | 19 | 23 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 AC-14 (1) NECESSARY USES | no data |