CISOBot - Your AI CISO Assistant

NET-04

Data Flow Enforcement – Access Control Lists (ACLs)

Weight: 10/10

Description

Mechanisms exist to implement and govern Access Control Lists (ACLs) to provide data flow enforcement that explicitly restrict network traffic to only what is authorized.

Control Question

Does the organization implement and govern Access Control Lists (ACLs) to provide data flow enforcement that explicitly restrict network traffic to only what is authorized?

Control Metadata

Domain:

Network Security

Validation Cadence:

Annual

Evidence Request List:

E-AST-12 E-AST-19

Have questions about this control?

Ask CISOBot for implementation guidance and best practices