AC-16(3): Maintenance Of Attribute Associations By Information System

Control Family:

Access Control

CSF v1.1 References:


(Not part of any baseline)

Next Version:

Control Statement

The information system maintains the association and integrity of [Assignment: organization-defined security attributes] to [Assignment: organization-defined subjects and objects].

Supplemental Guidance

Maintaining the association and integrity of security attributes to subjects and objects with sufficient assurance helps to ensure that the attribute associations can be used as the basis of automated policy actions. Automated policy actions include, for example, access control decisions or information flow control decisions.