AC-24: Access Control Decisions

From NIST's SP800-53:

[Selection: Establish procedures; Implement mechanisms] to ensure [Assignment: organization-defined access control decisions] are applied to each access request prior to access enforcement.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID	Description
PR.AC-4	Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties
PR.AC-6	Identities are proofed and bound to credentials and asserted in interactions