πΌ CC6.3-1 Creates or Modifies Access to Protected Information Assets
- Contextual name: πΌ CC6.3-1 Creates or Modifies Access to Protected Information Assets
- ID:
/frameworks/soc-2/cc6/03/01 - Located in: πΌ CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes, giving consideration to the concepts of least privilege and segregation of duties, to meet the entity's objectives.
Descriptionβ
Processes are in place to create or modify access to protected information assets based on authorization from the asset's owner.
Similarβ
- Internal
- ID:
dec-c-66f69068
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (3)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Google GCE Instance is configured to use the Default Service Account π’ | 1 | π’ x6 |
| π Google GCE Instance is configured to use the Default Service Account with full access to all Cloud APIs π’ | 1 | π’ x6 |
| π Google IAM Service Account has admin privileges π’ | 1 | π’ x6 |