AC-3(12)

  • Requirement

    1. Require applications to assert, as part of the installation process, the access needed to the following system applications and functions: [Assignment: organization-defined system applications and functions];
    2. Provide an enforcement mechanism to prevent unauthorized access; and
    3. Approve access changes after initial installation of the application.
  • Discussion

    Asserting and enforcing application access is intended to address applications that need to access existing system applications and functions, including user contacts, global positioning systems, cameras, keyboards, microphones, networks, phones, or other files.

More Info

  • Title

    Access Enforcement | Assert and Enforce Application Access
  • Family

    Access Control
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      CM-7

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!