Anthropic-Cybersecurity-Skills/skills/performing-access-review-and-certification/references/standards.md
Standards and References - Access Review and Certification

NIST Standards

  • NIST SP 800-53 Rev 5:
    • AC-2: Account Management (periodic review requirement)
    • AC-2(3): Disable accounts after inactivity period
    • AC-5: Separation of Duties
    • AC-6: Least Privilege
    • AC-6(7): Review of User Privileges
    • AU-6: Audit Record Review, Analysis, and Reporting
  • NIST SP 800-171:
    • 3.1.1: Authorized Access Control
    • 3.1.2: Transaction Control

Compliance Requirements

  • SOX Section 404: Quarterly access reviews for financial systems
  • PCI DSS 4.0: Requirement 7.2.5 - Review all access at least every six months
  • HIPAA Security Rule: 45 CFR 164.312(a)(1) - Access control review
  • ISO 27001: A.9.2.5 Review of user access rights
  • GDPR Article 5(1)(f): Integrity and confidentiality of processing

Industry Frameworks

  • CIS Controls v8: Control 6.2 - Establish an Access Revoking Process
  • COBIT 2019: DSS05.04 - Manage user identity and logical access
  • IGA (Identity Governance and Administration) vendors: SailPoint, Saviynt, One Identity, Omada