AC-14 Permitted Actions Without Identification Or Authentication
Control: The organization identifies and documents specific user actions that can be performed on the information system without identification or authentication.
Supplemental Guidance: The organization allows limited user activity without identification and authentication for public websites or other publicly available information systems (e.g., individuals accessing a federal information system at http://www.firstgov.gov). Related security control: IA-2.
Control Enhancements: (1) The organization permits actions to be performed without identification and authentication only to the extent necessary to accomplish mission objectives.
Baseline: LOW AC-14 MOD AC-14 (1) HIGH AC-14 (1)
Family: Access Control
ISO 17799 mapping: None.
COBIT 4.1 mapping: None.
PCI-DSS v2 mapping: None.