Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
OSCAL
OSCAL Profiles
FedRAMP Rev 5 High Baseline
AC
AC: Access Control
An OSCAL Group
Details
Subcontrols
50
AC-1 - Policy and Procedures
AC-2 - Account Management
10 Subcontrols
AC-2.1 - Automated System Account Management
AC-2.2 - Automated Temporary and Emergency Account Management
AC-2.3 - Disable Accounts
AC-2.4 - Automated Audit Actions
AC-2.5 - Inactivity Logout
AC-2.7 - Privileged User Accounts
AC-2.9 - Restrictions on Use of Shared and Group Accounts
AC-2.11 - Usage Conditions
AC-2.12 - Account Monitoring for Atypical Usage
AC-2.13 - Disable Accounts for High-risk Individuals
AC-3 - Access Enforcement
AC-4 - Information Flow Enforcement
2 Subcontrols
AC-4.4 - Flow Control of Encrypted Information
AC-4.21 - Physical or Logical Separation of Information Flows
AC-5 - Separation of Duties
AC-6 - Least Privilege
8 Subcontrols
AC-6.1 - Authorize Access to Security Functions
AC-6.2 - Non-privileged Access for Nonsecurity Functions
AC-6.3 - Network Access to Privileged Commands
AC-6.5 - Privileged Accounts
AC-6.7 - Review of User Privileges
AC-6.8 - Privilege Levels for Code Execution
AC-6.9 - Log Use of Privileged Functions
AC-6.10 - Prohibit Non-privileged Users from Executing Privileged Functions
AC-7 - Unsuccessful Logon Attempts
AC-8 - System Use Notification
AC-10 - Concurrent Session Control
AC-11 - Device Lock
1 Subcontrol
AC-11.1 - Pattern-hiding Displays
AC-12 - Session Termination
AC-14 - Permitted Actions Without Identification or Authentication
AC-17 - Remote Access
4 Subcontrols
AC-17.1 - Monitoring and Control
AC-17.2 - Protection of Confidentiality and Integrity Using Encryption
AC-17.3 - Managed Access Control Points
AC-17.4 - Privileged Commands and Access
AC-18 - Wireless Access
4 Subcontrols
AC-18.1 - Authentication and Encryption
AC-18.3 - Disable Wireless Networking
AC-18.4 - Restrict Configurations by Users
AC-18.5 - Antennas and Transmission Power Levels
AC-19 - Access Control for Mobile Devices
1 Subcontrol
AC-19.5 - Full Device or Container-based Encryption
AC-20 - Use of External Systems
2 Subcontrols
AC-20.1 - Limits on Authorized Use
AC-20.2 - Portable Storage Devices — Restricted Use
AC-21 - Information Sharing
AC-22 - Publicly Accessible Content