SC-3(2): Access and Flow Control Functions
Control Family:
Parent Control:
Threats Addressed:
Baselines:
(Not part of any baseline)
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- SC-3(2): Access / Flow Control Functions
Control Statement
Isolate security functions enforcing access and information flow control from nonsecurity functions and from other security functions.
Supplemental Guidance
Security function isolation occurs because of implementation. The functions can still be scanned and monitored. Security functions that are potentially isolated from access and flow control enforcement functions include auditing, intrusion detection, and malicious code protection functions.