CMMC 2.0 • LEVEL 2 • ACCESS CONTROL

AC.L2-3.1.4Separation of Duties

Identify the duties of individuals requiring separation. Define system access authorizations to support separation of duties.

NIST 800-171 Mapping

NIST 800-53 Controls

AC-5

Assessment Objectives

  • duties of individuals requiring separation are identified.
  • system access authorizations to support separation of duties are defined.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

AC.L1-3.1.1 Account Management AC.L1-3.1.2 Access Enforcement AC.L2-3.1.3 Information Flow Enforcement AC.L2-3.1.5 Least Privilege