AC-6.8: Privilege Levels for Code Execution

Access control policy

procedures addressing least privilege

list of software that should not execute at higher privilege levels than users executing software

system design documentation

system configuration settings and associated documentation

system audit records

system security plan

other relevant documents or records

Organizational personnel with responsibilities for defining least privileges necessary to accomplish specified tasks

organizational personnel with information security responsibilities

system/network administrators

system developers

Mechanisms implementing least privilege functions for software execution