Mechanisms exist to prohibit privileged users from using privileged accounts, while performing non-security functions.
Control Question
Assessment question for control validation
Does the organization prohibit privileged users from using privileged accounts, while performing non-security functions?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Core Control Designations
Special designations and baseline inclusions
MAD: IAC-21.2
ESP Level 2: IAC-21.2
ESP Level 3: IAC-21.2
Errata & Additional Notes
- AU Essential 8 ISM-1175