⭐ Repository → 💼 SOC 2 → 💼 CC6 Logical and Physical Access Controls → 💼 CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes, giving consideration to the concepts of least privilege and segregation of duties, to meet the entity's objectives.
💼 CC6.3-1 Creates or Modifies Access to Protected Information Assets
- ID:
/frameworks/soc-2/cc6/03/01
Description
Processes are in place to create or modify access to protected information assets based on authorization from the asset's owner.
Similar
- Internal
- ID:
dec-c-66f69068
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google GCE Instance is configured to use the Default Service Account🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Instance is configured to use the Default Service Account with full access to all Cloud APIs🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google IAM Service Account has admin privileges🟢 | 1 | 🟢 x6 | no data |