>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAC-08Role-Based Access Control (RBAC)

Weight: 9

>Control Description

Mechanisms exist to enforce Role-Based Access Control (RBAC) for Technology Assets, Applications, Services and/or Data (TAASD) to restrict access to individuals assigned specific roles with legitimate business needs.

>Cross-Framework Mappings

NIST SP 800-53 r5

AC-2(7)
Compare

NIST CSF 2.0

PR.AA-05
Compare

PCI DSS v4.0.1

1.3.1
Compare
1.3.2
Compare
1.3.3
Compare
7.1.1
Compare
7.1.2
Compare
7.2.1
Compare
7.2.2
Compare
7.2.3
Compare
7.2.4
Compare
7.2.5
Compare
7.2.6
Compare
7.3.1
Compare
7.3.2
Compare
7.3.3
Compare

CIS Controls v8

3.3
Compare
6
Compare
6.8
Compare

SOC 2 TSC

CC5.2
Compare
CC6.1
Compare
CC6.3
Compare

CMMC v2.0

AC.L1-B.1.I
Compare
AC.L1-B.1.II
Compare
AC.L2-3.1.1
Compare
AC.L2-3.1.2
Compare
AC.L2-3.1.3
Compare

NIST SP 800-171

3.1.1
Compare
3.1.2
Compare
3.1.3
Compare

FedRAMP Rev 5

AC-2(7)
Compare

Canada ITSP 10.171

03.01.01.C.01
Compare
03.01.01.C.02
Compare
03.01.01.C.03
Compare
03.01.02
Compare
03.01.05.B
Compare
03.01.06.A
Compare
03.01.12.A
Compare
03.03.08.B
Compare
03.04.05
Compare
03.06.05.D
Compare
03.07.06.A
Compare

Australia Essential Eight

ML1-P4
Compare
ML2-P4
Compare
ML3-P4
Compare

Australia ISM

ISM-1746
Compare

India SEBI Guidelines

PR.AA.S3
Compare

New Zealand HISF

HSUP04
Compare
HSUP37
Compare
HHSP40
Compare
HHSP42
Compare
HML40
Compare
HML42
Compare
HMS07
Compare

New Zealand HISF Suppliers

HSUP04
Compare
HSUP37
Compare

Saudi Arabia IoT Guidelines

2-2-1
Compare

Spain ENS

Article 17
Compare

UK DEF STAN 05-138

2200.0
Compare
2206.0
Compare
2422.0
Compare

SOC 2 TSC (Detailed)

CC5.2-POF3
Compare
CC6.1
Compare
CC6.1-POF12
Compare
CC6.1-POF13
Compare
CC6.3
Compare
CC6.3-POF3
Compare

CIS Controls v8.1 (Detailed)

3.3
Compare
6.0
Compare
6.8
Compare

GovRAMP

AC-02(07)
Compare

ISO 27002:2022

5.15
Compare
8.3
Compare

NIST SP 800-171 Rev 3

03.01.01.c.01
Compare
03.01.01.c.02
Compare
03.01.01.c.03
Compare
03.01.02
Compare
03.01.05.b
Compare
03.01.06.a
Compare
03.01.12.a
Compare
03.03.08.b
Compare
03.04.05
Compare
03.06.05.d
Compare
03.07.06.a
Compare

NIST SP 800-171A Rev 3

A.03.01.01.c.02
Compare
A.03.01.01.c.03
Compare
A.03.01.05.ODP[01]
Compare
A.03.01.05.ODP[02]
Compare
A.03.01.05.b[01]
Compare
A.03.01.05.b[02]
Compare
A.03.04.05[04]
Compare
A.03.06.05.d
Compare

NIST SP 800-171A

3.1.3[c]
Compare

NIST SP 800-172

3.1.2e
Compare

NIST SP 800-207 Zero Trust

NIST Tenet 3
Compare
NIST Tenet 4
Compare

TISAX

4.2.1
Compare

Data Privacy Management Principles

7.1
Compare

45 CFR 155.260

155.260(a)(4)(ii)
Compare

CISA CPG

2.E
Compare
2.L
Compare

CMMC 2.0 Level 1

AC.L1-B.1.I
Compare
AC.L1-B.1.II
Compare

DoD Zero Trust Roadmap

1.2
Compare

GLBA (16 CFR 314)

314.4(c)(1)(ii)
Compare

HIPAA Simplification 2013

§ 164.308(a)(3)(i)
Compare
§ 164.308(a)(3)(ii)(A)
Compare
§ 164.308(a)(4)(ii)(C)
Compare
§ 164.312(a)(1)
Compare
§ 164.514(d)(2)(i)(A)
Compare
§ 164.514(d)(2)(i)(B)
Compare
§ 164.514(d)(2)(ii)
Compare
§ 164.530(c)(2)(ii)
Compare

NERC CIP

CIP-004-7 4.1
Compare

NY DFS 23 NYCRR 500

500.7(a)(1)
Compare

GDPR

Article 32.4
Compare

Ask AI

Configure your API key to use AI features.