top of page
NIST CSF v1.1
PR.AC-7
Standard
Standard Version
NIST CSF
(v1.1)
Identity Management, Authentication and Access Control (PR.AC): Access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.
Users, devices, and other assets are authenticated (e.g., single-factor, multifactor commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)
bottom of page