AC-16(2): Attribute Value Changes By Authorized Individuals

Control Family:

Access Control

Parent Control:

AC-16: Security Attributes

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

PR.AC-4
PR.AC-6

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-16(2): Attribute Value Changes by Authorized Individuals

Control Statement

The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define or change the value of associated security attributes.

Supplemental Guidance

The content or assigned values of security attributes can directly affect the ability of individuals to access organizational information. Therefore, it is important for information systems to be able to limit the ability to create or modify security attributes to authorized individuals.