PR.AC-P: Identity Management, Authentication, And Access Control

Description

Access to data and devices is limited to authorized individuals, processes, and devices, and is managed consistent with the assessed risk of unauthorized access.

Framework Subcategories

PR.AC-P3: Remote access is managed

[csf.tools Note: Subcategories do not have detailed descriptions.] Note: This Privacy Framework Subcategory is identical to the Cybersecurity Framework Subcategory.