AC-24-727 Access Control Decisions

Access Control Decisions

Control ID

AC-24-727

Control Name

Access Control Decisions

Control Category

Access Control

Functional Areas

Sub-Areas

NIST Baseline Level(s)

NOT SELECTED

NIST Priority

State Implementation Required

Agency Last Implemented Date

Risk Statement

Users gain access to information that is beyond their appropriate level of privilege.

Control Description

The organization establishes procedures to ensure [Assignment: organization-defined access control decisions] are applied to each access request prior to access enforcement.

Control Example

State Implementation

No statewide control

Testing Procedures