top of page
< Back

NIST CSF v1.1

PR.AC-7

Standard

Standard Version

NIST CSF

(v1.1)

Identity Management, Authentication and Access Control (PR.AC): Access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.

Users, devices, and other assets are authenticated (e.g., single-factor, multifactor commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)

bottom of page