AC - Access Control Control Family
Page last updated:
| Number | Control | Pivotal Application Service (PAS) Compliance |
|---|---|---|
| AC-1 | ACCESS CONTROL POLICY AND PROCEDURES | Inherited and compliant |
| AC-2 | ACCOUNT MANAGEMENT | Deployer Responsibility |
| AC-3 | ACCESS ENFORCEMENT | Compliant |
| AC-4 | INFORMATION FLOW ENFORCEMENT | Compliant |
| AC-5 | SEPARATION OF DUTIES | Deployer Responsibility |
| AC-6 | LEAST PRIVILEGE | Deployer Responsibility |
| AC-7 | UNSUCCESSFUL LOGON ATTEMPTS | Inherited |
| AC-8 | SYSTEM USE NOTIFICATION | Compliant |
| AC-9 | PREVIOUS LOGON (ACCESS) NOTIFICATION | Inherited |
| AC-10 | CONCURRENT SESSION CONTROL | Not required for FISMA moderate |
| AC-11 | SESSION LOCK | Inherited |
| AC-12 | SESSION TERMINATION | Compliant |
| AC-14 | PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION | Compliant |
| AC-16 | SECURITY ATTRIBUTES | P0, so not required for FISMA Moderate |
| AC-17 | REMOTE ACCESS | Inherited and Compliant |
| AC-18 | WIRELESS ACCESS | Compliant |
| AC-19 | ACCESS CONTROL FOR MOBILE DEVICES | Not Applicable to PCF |
| AC-20 | USE OF EXTERNAL INFORMATION SYSTEMS | Deployer Responsibility |
| AC-21 | INFORMATION SHARING | Inherited and Compliant |
| AC-22 | PUBLICLY ACCESSIBLE CONTENT | Inherited and Compliant |
| AC-23 | DATA MINING PROTECTION | P0, so not required for FISMA Moderate |
| AC-24 | ACCESS CONTROL DECISIONS | P0, so not required for FISMA Moderate |
| AC-25 | REFERENCE MONITOR | P0, so not required for FISMA Moderate |