💼 AC-20 Use of External Systems

Contextual name: 💼 AC-20 Use of External Systems
ID: /frameworks/nist-sp-800-53-r5/ac/20
Located in: 💼 AC Access Control

Description

a. [Selection (one or more): Establish [Assignment: organization-defined terms and conditions]; Identify [Assignment: organization-defined controls asserted to be implemented on external systems]], consistent with the trust relationships established with other organizations owning, operating, and/or maintaining external systems, allowing authorized individuals to:

Access the system from external systems; and
Process, store, or transmit organization-controlled information using external systems; or b. Prohibit the use of [Assignment: organizationally-defined types of external systems].

Similar

Internal
- ID: dec-c-70810614

Similar Sections (Give Policies To)

Section	Sub Sections	Policies
💼 FedRAMP High Security Controls → 💼 AC-20 Use of External Systems (L)(M)(H)	2
💼 FedRAMP Low Security Controls → 💼 AC-20 Use of External Systems (L)(M)(H)
💼 NIST CSF v2.0 → 💼 ID.AM-02: Inventories of software, services, and systems managed by the organization are maintained		7
💼 NIST CSF v2.0 → 💼 ID.AM-04: Inventories of services provided by suppliers are maintained

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AC-20(1) Use of External Systems _ Limits on Authorized Use
💼 AC-20(2) Use of External Systems _ Portable Storage Devices — Restricted Use
💼 AC-20(3) Use of External Systems _ Non-organizationally Owned Systems — Restricted Use
💼 AC-20(4) Use of External Systems _ Network Accessible Storage Devices — Prohibited Use
💼 AC-20(5) Use of External Systems _ Portable Storage Devices — Prohibited Use

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections