AC-16(3): Maintenance Of Attribute Associations By Information System

Control Family:

Access Control

Parent Control:

AC-16: Security Attributes

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

PR.AC-4
PR.AC-6

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-16(3): Maintenance of Attribute Associations by System

Control Statement

The information system maintains the association and integrity of [Assignment: organization-defined security attributes] to [Assignment: organization-defined subjects and objects].

Supplemental Guidance

Maintaining the association and integrity of security attributes to subjects and objects with sufficient assurance helps to ensure that the attribute associations can be used as the basis of automated policy actions. Automated policy actions include, for example, access control decisions or information flow control decisions.