CISOBot - Your AI CISO Assistant

IAC-29

Attribute-Based Access Control (ABAC)

Weight: 5/10

Description

Mechanisms exist to enforce Attribute-Based Access Control (ABAC) for policy-driven, dynamic authorizations that supports the secure sharing of information.

Control Question

Does the organization enforce Attribute-Based Access Control (ABAC) for policy-driven, dynamic authorizations that supports the secure sharing of information?

Control Metadata

Domain:

Identification & Authentication

Validation Cadence:

Annual

Have questions about this control?

Ask CISOBot for implementation guidance and best practices