CISOBot - Your AI CISO Assistant

IAC-18

User Responsibilities for Account Management

Weight: 10/10

Description

Mechanisms exist to compel users to follow accepted practices in the use of authentication mechanisms (e.g., passwords, passphrases, physical or logical security tokens, smart cards, certificates, etc.).

Control Question

Does the organization compel users to follow accepted practices in the use of authentication mechanisms (e.g., passwords, passphrases, physical or logical security tokens, smart cards, certificates, etc.)?

Control Metadata

Domain:

Identification & Authentication

Validation Cadence:

Annual

Have questions about this control?

Ask CISOBot for implementation guidance and best practices