HOME

AC-17 (4)

AC-17 (4) H M
Description

The organization:
(a) Authorizes the execution of privileged commands and access to security-relevant information via remote access only for [Assignment: organization-defined needs]; and
(b) Documents the rationale for such access in the security plan for the information system.

DISA Cloud Computing SRG

a. Not appropriate for DoD to define for all CSP's infrastructure or service offerings

Source:
DoD RMF TAG

Supplemental Guidance

Related Controls