Mechanisms exist to proactively control and monitor third-party accounts used to access, support, or maintain system components via remote access.
Control Question
Assessment question for control validation
Does the organization proactively control and monitor third-party accounts used to access, support, or maintain system components via remote access?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: NET-14.6
ESP Level 2: NET-14.6
ESP Level 3: NET-14.6