IAC-16 ยท Privileged Account Management (PAM)

Control Description

Mechanisms exist to restrict and control privileged access rights for users and Technology Assets, Applications and/or Services (TAAS).

Control Question
Assessment question for control validation

Does the organization restrict and control privileged access rights for users and Technology Assets, Applications and/or Services (TAAS)?

Control Weighting
10
Validation Cadence
Quarterly
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: IAC-16
ESP Level 1: IAC-16
ESP Level 2: IAC-16
ESP Level 3: IAC-16
Errata & Additional Notes

- wordsmithed control