https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-access-control---controls-for-moderate-impact-systems/4/NIST SP 800-53 r4 - Security Control Family: Access Control - Controls for MODERATE Impact Systems4Profile of requirements corresponding to all MODERATE impact security controls in NIST Special Publication 800-53, r4, under the control family of Access Control.2021-04-26T00:00:00.000ZfalseThis document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/Trustmark InitiativePRIMARYTrustmark Supporthelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/800-53Access ControlNISTSecurityModeratehttps://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-access-control---controls-for-low-impact-systems/4/1NIST SP 800-53 r4 - Security Control Family: Access Control - Controls for LOW Impact Systems4Profile of requirements corresponding to all LOW impact security controls in NIST Special Publication 800-53, r4, under the control family of Access Control.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-1_-access-control-policy-and-procedures/4/2NIST SP 800-53 r4 Security Control AC-1: Access Control Policy and Procedures4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-1: Access Control Policy and Procedures. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2_-account-management/4/3NIST SP 800-53 r4 Security Control AC-2: Account Management4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2: Account Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2-_1__-automated-system-account-management/4/4NIST SP 800-53 r4 Security Control AC-2 (1): Automated System Account Management4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (1): Automated System Account Management. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2-_2__-removal-of-temporary-_-emergency-accounts/4/5NIST SP 800-53 r4 Security Control AC-2 (2): Removal of Temporary / Emergency Accounts4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (2): Removal of Temporary / Emergency Accounts. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2-_3__-disable-inactive-accounts/4/6NIST SP 800-53 r4 Security Control AC-2 (3): Disable Inactive Accounts4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (3): Disable Inactive Accounts. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2-_4__-automated-audit-actions/4/7NIST SP 800-53 r4 Security Control AC-2 (4): Automated Audit Actions4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2 (4): Automated Audit Actions. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-3_-access-enforcement/4/8NIST SP 800-53 r4 Security Control AC-3: Access Enforcement4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-3: Access Enforcement. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-4_-information-flow-enforcement/4/9NIST SP 800-53 r4 Security Control AC-4: Information Flow Enforcement4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-4: Information Flow Enforcement. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-5_-separation-of-duties/4/10NIST SP 800-53 r4 Security Control AC-5: Separation of Duties4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-5: Separation of Duties. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6_-least-privilege/4/11NIST SP 800-53 r4 Security Control AC-6: Least Privilege4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6: Least Privilege. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6-_1__-authorize-access-to-security-functions/4/12NIST SP 800-53 r4 Security Control AC-6 (1): Authorize Access to Security Functions4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (1): Authorize Access to Security Functions. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6-_2__-non-privileged-access-for-nonsecurity-functions/4/13NIST SP 800-53 r4 Security Control AC-6 (2): Non-Privileged Access for Nonsecurity Functions4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (2): Non-Privileged Access for Nonsecurity Functions. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6-_5__-privileged-accounts/4/14NIST SP 800-53 r4 Security Control AC-6 (5): Privileged Accounts4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (5): Privileged Accounts. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6-_9__-auditing-use-of-privileged-functions/4/15NIST SP 800-53 r4 Security Control AC-6 (9): Auditing Use of Privileged Functions4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (9): Auditing Use of Privileged Functions. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-6-_10__-prohibit-non-privileged-users-from-executing-privileged-functions/4/16NIST SP 800-53 r4 Security Control AC-6 (10): Prohibit Non-Privileged Users from Executing Privileged Functions4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-6 (10): Prohibit Non-Privileged Users from Executing Privileged Functions. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-7_-unsuccessful-logon-attempts/4/17NIST SP 800-53 r4 Security Control AC-7: Unsuccessful Logon Attempts4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-7: Unsuccessful Logon Attempts. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-8_-system-use-notification/4/18NIST SP 800-53 r4 Security Control AC-8: System Use Notification4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-8: System Use Notification. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-11_-session-lock/4/19NIST SP 800-53 r4 Security Control AC-11: Session Lock4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-11: Session Lock. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-11-_1__-pattern-hiding-displays/4/20NIST SP 800-53 r4 Security Control AC-11 (1): Pattern-Hiding Displays4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-11 (1): Pattern-Hiding Displays. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-12_-session-termination/4/21NIST SP 800-53 r4 Security Control AC-12: Session Termination4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-12: Session Termination. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-14_-permitted-actions-without-identification-or-authentication/4/22NIST SP 800-53 r4 Security Control AC-14: Permitted Actions Without Identification or Authentication4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-14: Permitted Actions Without Identification or Authentication. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-17_-remote-access/4/23NIST SP 800-53 r4 Security Control AC-17: Remote Access4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17: Remote Access. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-17-_1__-automated-monitoring-_-control/4/24NIST SP 800-53 r4 Security Control AC-17 (1): Automated Monitoring / Control4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (1): Automated Monitoring / Control. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-17-_2__-protection-of-confidentiality-_-integrity-using-encryption/4/25NIST SP 800-53 r4 Security Control AC-17 (2): Protection of Confidentiality / Integrity Using Encryption4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (2): Protection of Confidentiality / Integrity Using Encryption. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-17-_3__-managed-access-control-points/4/26NIST SP 800-53 r4 Security Control AC-17 (3): Managed Access Control Points4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (3): Managed Access Control Points. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-17-_4__-privileged-commands-_-access/4/27NIST SP 800-53 r4 Security Control AC-17 (4): Privileged Commands / Access4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-17 (4): Privileged Commands / Access. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-18_-wireless-access/4/28NIST SP 800-53 r4 Security Control AC-18: Wireless Access4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18: Wireless Access. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-18-_1__-authentication-and-encryption/4/29NIST SP 800-53 r4 Security Control AC-18 (1): Authentication and Encryption4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-18 (1): Authentication and Encryption. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-19_-access-control-for-mobile-devices/4/30NIST SP 800-53 r4 Security Control AC-19: Access Control for Mobile Devices4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-19: Access Control for Mobile Devices. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-19-_5__-full-device-_-container-based-encryption/4/31NIST SP 800-53 r4 Security Control AC-19 (5): Full Device / Container-Based Encryption4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-19 (5): Full Device / Container-Based Encryption. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-20_-use-of-external-information-systems/4/32NIST SP 800-53 r4 Security Control AC-20: Use of External Information Systems4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20: Use of External Information Systems. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-20-_1__-limits-on-authorized-use/4/33NIST SP 800-53 r4 Security Control AC-20 (1): Limits on Authorized Use4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20 (1): Limits on Authorized Use. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-20-_2__-portable-storage-devices/4/34NIST SP 800-53 r4 Security Control AC-20 (2): Portable Storage Devices4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-20 (2): Portable Storage Devices. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-21_-information-sharing/4/35NIST SP 800-53 r4 Security Control AC-21: Information Sharing4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-21: Information Sharing. Applicable to MODERATE impact and HIGH impact systems.https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-22_-publicly-accessible-content/4/36NIST SP 800-53 r4 Security Control AC-22: Publicly Accessible Content4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-22: Publicly Accessible Content. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.SP800-53R4NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at <a href="http://dx.doi.org/10.6028/NIST.SP.800-53r4">http://dx.doi.org/10.6028/NIST.SP.800-53r4</a>.