← Back to catalog
AC-3(2)

Dual Authorization

Access Control (AC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Enforce dual authorization for [assignment].

Discussion

Dual authorization, also known as two-person control, reduces risk related to insider threats. Dual authorization mechanisms require the approval of two authorized individuals to execute. To reduce the risk of collusion, organizations consider rotating dual authorization duties. Organizations consider the risk associated with implementing dual authorization mechanisms when immediate responses are necessary to ensure public and environmental safety.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.