Under active development — Content is continuously updated and improved

Home / Frameworks / FedRAMP Rev 5 / AC — Access Control

AC — Access Control

50 controls in the Access Control family

AC-1Policy and Procedures

AC-2Account Management

AC-2 (01)Account Management | Automated System Account Management

AC-2 (02)Account Management | Automated Temporary and Emergency Account Management

AC-2 (03)Account Management | Disable Accounts

AC-2 (04)Account Management | Automated Audit Actions

AC-2 (05)Account Management | Inactivity Logout

AC-2 (07)Account Management | Privileged User Accounts

AC-2 (09)Account Management | Restrictions on Use of Shared and Group Accounts

AC-2 (11)Account Management | Usage Conditions

AC-2 (12)Account Management | Account Monitoring for Atypical Usage

AC-2 (13)Account Management | Disable Accounts for High-risk Individuals

AC-3Access Enforcement

AC-4Information Flow Enforcement

AC-4 (04)Information Flow Enforcement | Flow Control of Encrypted Information

AC-4 (21)Information Flow Enforcement | Physical or Logical Separation of Information Flows

AC-5Separation of Duties

AC-6Least Privilege

AC-6 (01)Least Privilege | Authorize Access to Security Functions

AC-6 (02)Least Privilege | Non-privileged Access for Nonsecurity Functions

AC-6 (03)Least Privilege | Network Access to Privileged Commands

AC-6 (05)Least Privilege | Privileged Accounts

AC-6 (07)Least Privilege | Review of User Privileges

AC-6 (08)Least Privilege | Privilege Levels for Code Execution

AC-6 (09)Least Privilege | Log Use of Privileged Functions

AC-6 (10)Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions

AC-7Unsuccessful Logon Attempts

AC-8System Use Notification

AC-10Concurrent Session Control

AC-11Device Lock

AC-11 (01)Device Lock | Pattern-hiding Displays

AC-12Session Termination

AC-14Permitted Actions Without Identification or Authentication

AC-17Remote Access

AC-17 (01)Remote Access | Monitoring and Control

AC-17 (02)Remote Access | Protection of Confidentiality and Integrity Using Encryption

AC-17 (03)Remote Access | Managed Access Control Points

AC-17 (04)Remote Access | Privileged Commands and Access

AC-18Wireless Access

AC-18 (01)Wireless Access | Authentication and Encryption

AC-18 (03)Wireless Access | Disable Wireless Networking

AC-18 (04)Wireless Access | Restrict Configurations by Users

AC-18 (05)Wireless Access | Antennas and Transmission Power Levels

AC-19Access Control for Mobile Devices

AC-19 (05)Access Control for Mobile Devices | Full Device or Container-based Encryption

AC-20Use of External Systems

AC-20 (01)Use of External Systems | Limits on Authorized Use

AC-20 (02)Use of External Systems | Portable Storage Devices -- Restricted Use

AC-21Information Sharing

AC-22Publicly Accessible Content

← Back to all controls