IAM-08: Trusted Sources
Control Family:
CSF v1.1 References:
PF v1.0 References:
Threats Addressed:
Control Statement
Policies and procedures are established for permissible storage and access of identities used for authentication to ensure identities are only accessible based on rules of least privilege and replication limitation only to users explicitly defined as business necessary.