⭐ Repository → 💼 SOC 2 → 💼 CC6 Logical and Physical Access Controls → 💼 CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives.
💼 CC6.1-9 Manages Credentials for Infrastructure and Software
- ID:
/frameworks/soc-2/cc6/01/09
Description
New internal and external infrastructure and software are registered, authorized, and documented prior to being granted access credentials and implemented on the network or access point. Credentials are removed and access is disabled when access is no longer required or the infrastructure and software are no longer in use.
Similar
- Internal
- ID:
dec-c-b1b05177
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (4)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS IAM Server Certificate is expired🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure SQL Server Transparent Data Encryption Protector is not encrypted with Customer-managed key🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Consumer Google Accounts are used🟢⚪ | 🟢 x2, ⚪ x1 | no data | |
| 🛡️ Google GCE Instance OS Login is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-12a85339 | 1 | |
| ✉️ dec-x-230b5e35 | 1 | |
| ✉️ dec-z-79f4ab88 | 1 |