PR.AC: Identity Management, Authentication and Access Control

Description

Access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.

Framework Subcategories