← Back to catalog
AC-3(12)

Assert and Enforce Application Access

Access Control (AC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Require applications to assert, as part of the installation process, the access needed to the following system applications and functions: [assignment]; Provide an enforcement mechanism to prevent unauthorized access; and Approve access changes after initial installation of the application.

Discussion

Asserting and enforcing application access is intended to address applications that need to access existing system applications and functions, including user contacts, global positioning systems, cameras, keyboards, microphones, networks, phones, or other files.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.