CCI-002165

Enforce organization-defined discretionary access control policies over defined subjects and objects.