Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.AA-05.2: It shall be determined who needs access to the organisation's business-critical information and technology and the means to gain access. |
|
PR.AA-05.2 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_BASIC_E_p29 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p67 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p93 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to determine who requires access to the organisation’s business-critical information and technology, and to define the secure means by which this access is granted. To achieve this goal, the following should be considered: - Access Determination and Restriction - Access rights should be limited to only those individuals who need them to perform their roles. - A zero trust model should be considered for both IT and OT environments, requiring verification before granting access. - Means of Access - Access methods should include secure mechanisms such as keys, passwords, codes, or administrative privileges. - These methods should be managed and monitored to prevent misuse. - Cyber Health of Endpoints - Devices such as laptops, smartphones, and tablets should meet security standards before connecting to the production network. - Endpoint health should be verified by checking for: - Up-to-date antivirus software - Absence of malware - Installation of the latest security patches - Only compliant devices should be allowed to access critical systems and data. - OT-Specific Considerations - In OT environments, access to control systems should be limited to essential personnel. - Secure access methods (e.g. jump servers, role-based restrictions) should be used where individual accounts are not feasible. - Reference For practical tools and templates, refer to the Access Policy template in the CyFun® Toolbox on www.cyfun.eu |
|
A general note, for any purpose. |
The goal of this control is to determine who requires access to the organisation’s business-critical information and technology, and to define the secure means by which this access is granted. To achieve this goal, the following should be considered: • Access Determination and Restriction o Access rights should be limited to only those individuals who need them to perform their roles. o A zero trust model should be considered for both IT and OT environments, requiring verification before granting access. • Means of Access o Access methods should include secure mechanisms such as keys, passwords, codes, or administrative privileges. o These methods should be managed and monitored to prevent misuse. • Cyber Health of Endpoints o Devices such as laptops, smartphones, and tablets should meet security standards before connecting to the production network. o Endpoint health should be verified by checking for: - Up-to-date antivirus software - Absence of malware - Installation of the latest security patches o Only compliant devices should be allowed to access critical systems and data. • OT-Specific Considerations o In OT environments, access to control systems should be limited to essential personnel. o Secure access methods (e.g. jump servers, role-based restrictions) should be used where individual accounts are not feasible. • Reference For practical tools and templates, refer to the Access Policy template in the CyFun® Toolbox on www.cyfun.eu |
|
A general note, for any purpose. |
The goal of this control is to determine who requires access to the organisation’s business-critical information and technology, and to define the secure means by which this access is granted. To achieve this goal, the following should be considered: - Access Determination and Restriction - Access rights should be limited to only those individuals who need them to perform their roles. - A zero trust model should be considered for both IT and OT environments, requiring verification before granting access. - Means of Access - Access methods should include secure mechanisms such as keys, passwords, codes, or administrative privileges. - These methods should be managed and monitored to prevent misuse. - Cyber Health of Endpoints - Devices such as laptops, smartphones, and tablets should meet security standards before connecting to the production network. - Endpoint health should be verified by checking for: - Up-to-date antivirus software - Absence of malware - Installation of the latest security patches - Only compliant devices should be allowed to access critical systems and data. - OT-Specific Considerations - In OT environments, access to control systems should be limited to essential personnel. - Secure access methods (e.g. jump servers, role-based restrictions) should be used where individual accounts are not feasible. - Reference For practical tools and templates, refer to the Access Policy template in the CyFun® Toolbox on www.cyfun.eu |
|
A general note, for any purpose. |
<div><p>The goal of this control is to determine who requires access to the organisation’s business-critical information and technology, and to define the secure means by which this access is granted. To achieve this goal, the following should be considered:</p><ul><li>Access Determination and Restriction<ul><li>Access rights should be limited to only those individuals who need them to perform their roles.</li><li>A zero trust model should be considered for both IT and OT environments, requiring verification before granting access.</li></ul></li><li>Means of Access<ul><li>Access methods should include secure mechanisms such as keys, passwords, codes, or administrative privileges.</li><li>These methods should be managed and monitored to prevent misuse.</li></ul></li><li>Cyber Health of Endpoints<ul><li>Devices such as laptops, smartphones, and tablets should meet security standards before connecting to the production network.</li><li>Endpoint health should be verified by checking for:<ul><li>Up-to-date antivirus software</li><li>Absence of malware</li><li>Installation of the latest security patches</li></ul></li><li>Only compliant devices should be allowed to access critical systems and data.</li></ul></li><li>OT-Specific Considerations<ul><li>In OT environments, access to control systems should be limited to essential personnel.</li><li>Secure access methods (e.g. jump servers, role-based restrictions) should be used where individual accounts are not feasible.</li></ul></li><li>Reference For practical tools and templates, refer to the Access Policy template in the CyFun® Toolbox on www.cyfun.eu</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.AA-05.2 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Access needs determination |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
It shall be determined who needs access to the organisation's business-critical information and technology and the means to gain access. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
23 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 25 of 25
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1