mirror of
https://github.com/strongdm/comply
synced 2024-12-23 22:11:37 +00:00
.. | ||
README.md |
Controls
Controls explicitly state a specific action that the organization will take to enforce a Policy goal.
Format
name: Access Control Procedures
family: Access Control
identifier: AC-2
governingPolicy:
- policyName: Access Onboarding and Termination
policyID: SDM-AOTP
policyClause: 1.1
owner: Director, Security & Compliance
published: 2020-01-01
targets:
TSC 2017:
- CC6.1
- CC6.2
- CC6.3
NIST 800-53:
- AC-1
revisions:
- date: Sep 1 2020
comment: Initial documentation of control
---
1. Develop, document, and disseminate to all employees:
1. Organizational access control policy that:
1. Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and