PR.AC: Identity Management, Authentication and Access Control

Warning icon.

Category is withdrawn in the next version of this framework and incorporated into: PR.AA: Identity Management, Authentication, And Access Control.


Access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.

Framework Subcategories