💼 CC6.1-9 Manages Credentials for Infrastructure and Software

ID: /frameworks/soc-2/cc6/01/09

Description

New internal and external infrastructure and software are registered, authorized, and documented prior to being granted access credentials and implemented on the network or access point. Credentials are removed and access is disabled when access is no longer required or the infrastructure and software are no longer in use.

Similar

Internal
- ID: dec-c-b1b05177

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (4)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM Server Certificate is expired🟢	1	🟢 x6	no data
🛡️ Azure SQL Server Transparent Data Encryption Protector is not encrypted with Customer-managed key🟢	1	🟢 x6	no data
🛡️ Consumer Google Accounts are used🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google GCE Instance OS Login is not enabled🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-12a85339	1
✉️ dec-x-230b5e35	1
✉️ dec-z-79f4ab88	1

Description​

Similar​

Sub Sections​

Policies (4)​

Internal Rules​

Description

Similar

Sub Sections

Policies (4)

Internal Rules