AC-17(4): Privileged Commands / Access

Control Family:

Access Control

Parent Control:

AC-17: Remote Access

CSF v1.1 References:


  • Moderate
  • High

Next Version:

Control Statement

The organization:

  1. Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [Assignment: organization-defined needs]; and
  2. Documents the rationale for such access in the security plan for the information system.