Mechanisms exist to authorize the use of shared/group accounts only under certain organization-defined conditions.
Control Question
Assessment question for control validation
Does the organization authorize the use of shared/group accounts only under certain organization-defined conditions?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: IAC-15.5
ESP Level 2: IAC-15.5
ESP Level 3: IAC-15.5