6 — Access Control Management
8 safeguards in the Access Control Management control
6.1Establish an Access Granting Process
6.2Establish an Access Revoking Process
6.3Require MFA for Externally-Exposed Applications
6.4Require MFA for Remote Network Access
6.5Require MFA for Administrative Access
6.6Establish and Maintain an Inventory of Authentication and Authorization Systems
6.7Centralize Access Control
6.8Define and Maintain Role-Based Access Control