💼 AC-20 Use of External Systems
- Contextual name: 💼 AC-20 Use of External Systems
- ID:
/frameworks/nist-sp-800-53-r5/ac/20 - Located in: 💼 AC Access Control
Description​
a. [Selection (one or more): Establish [Assignment: organization-defined terms and conditions]; Identify [Assignment: organization-defined controls asserted to be implemented on external systems]], consistent with the trust relationships established with other organizations owning, operating, and/or maintaining external systems, allowing authorized individuals to:
- Access the system from external systems; and
- Process, store, or transmit organization-controlled information using external systems; or b. Prohibit the use of [Assignment: organizationally-defined types of external systems].
Similar​
- Internal
- ID:
dec-c-70810614
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 AC-20 Use of External Systems (L)(M)(H) | 2 | |||
| 💼 FedRAMP Low Security Controls → 💼 AC-20 Use of External Systems (L)(M)(H) | ||||
| 💼 NIST CSF v2.0 → 💼 ID.AM-02: Inventories of software, services, and systems managed by the organization are maintained | 9 | |||
| 💼 NIST CSF v2.0 → 💼 ID.AM-04: Inventories of services provided by suppliers are maintained |