Mechanisms exist to require internal and third-party users to sign appropriate access agreements prior to being granted access.
Control Question
Assessment question for control validation
Does the organization require internal and third-party users to sign appropriate access agreements prior to being granted access?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: HRS-06
ESP Level 1: HRS-06
ESP Level 2: HRS-06
ESP Level 3: HRS-06