💼 AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION

Contextual name: 💼 AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION
ID: /frameworks/nist-sp-800-53-r4/ac/14
Located in: 💼 AC ACCESS CONTROL

Description

The organization: AC-14a. Identifies [Assignment: organization-defined user actions] that can be performed on the information system without identification or authentication consistent with organizational missions/business functions; and AC-14b. Documents and provides supporting rationale in the security plan for the information system, user actions not requiring identification or authentication.

Similar

Internal
- ID: dec-c-6e8a4c99

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties		17	35
💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks)		19	22

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AC-14 (1) NECESSARY USES

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections