Logo

CISOBot - Your AI CISO Assistant

IAC-20

Access Enforcement

Weight: 10/10
Description

Mechanisms exist to enforce Logical Access Control (LAC) permissions that conform to the principle of "least privilege."

Control Question

Does the organization enforce Logical Access Control (LAC) permissions that conform to the principle of "least privilege?"

Control Metadata
Domain:

Identification & Authentication

Validation Cadence:

Annual

Have questions about this control?

Ask CISOBot for implementation guidance and best practices