mirror of
https://github.com/strongdm/comply
synced 2024-11-17 13:24:53 +00:00
34 lines
801 B
Markdown
34 lines
801 B
Markdown
# Controls
|
|
|
|
Controls explicitly state a specific action that the organization will take to enforce a Policy goal.
|
|
|
|
## Format
|
|
```
|
|
name: Access Control Procedures
|
|
family: Access Control
|
|
identifier: AC-2
|
|
governingPolicy:
|
|
- policyName: Access Onboarding and Termination
|
|
policyID: SDM-AOTP
|
|
policyClause: 1.1
|
|
owner: Director, Security & Compliance
|
|
published: 2020-01-01
|
|
targets:
|
|
TSC 2017:
|
|
- CC6.1
|
|
- CC6.2
|
|
- CC6.3
|
|
NIST 800-53:
|
|
- AC-1
|
|
revisions:
|
|
- date: Sep 1 2020
|
|
comment: Initial documentation of control
|
|
---
|
|
1. Develop, document, and disseminate to all employees:
|
|
|
|
1. Organizational access control policy that:
|
|
|
|
1. Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
|
|
|
|
```
|