πΌ AC-16 Security and Privacy Attributes
- Contextual name: πΌ AC-16 Security and Privacy Attributes
- ID:
/frameworks/nist-sp-800-53-r5/ac/16 - Located in: πΌ AC Access Control
Descriptionβ
a. Provide the means to associate [Assignment: organization-defined types of security and privacy attributes] with [Assignment: organization-defined security and privacy attribute values] for information in storage, in process, and/or in transmission; b. Ensure that the attribute associations are made and retained with the information; c. Establish the following permitted security and privacy attributes from the attributes defined in AC-16a for [Assignment: organization-defined systems]: [Assignment: organization-defined security and privacy attributes]; d. Determine the following permitted attribute values or ranges for each of the established attributes: [Assignment: organization-defined attribute values or ranges for established attributes]; e. Audit changes to attributes; and f. Review [Assignment: organization-defined security and privacy attributes] for applicability [Assignment: organization-defined frequency].
Similarβ
- Internal
- ID:
dec-c-7d35ae35
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v2.0 β πΌ PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties | 58 |