AC-17(4): Remote Access | Privileged Commands and Access

AC-17(4): Remote Access | Privileged Commands and Access ()

(a) Authorize the execution of privileged commands and access to security-relevant information via remote access only in a format that provides assessable evidence and for the following needs: [Assignment: organization-defined needs]; and
(b) Document the rationale for remote access in the security plan for the system.


Control Identifier	AC-17(4)
Latest Sync Date	19/12/24 09:18:14
Discussion	Remote access to systems represents a significant potential vulnerability that can be exploited by adversaries. As such, restricting the execution of privileged commands and access to security-relevant information via remote access reduces the exposure of the organization and the susceptibility to threats by adversaries to the remote access capability.
Related Controls	AC-6, SC-12, SC-13.



NIST 800-53 Controls Catalogue