PS-06 Access Agreements
Control: The organization completes appropriate signed access agreements for individuals requiring access to organizational information and information systems before authorizing access and reviews/updates the agreements [Assignment: organization-defined frequency].
Supplemental Guidance: Access agreements include, for example, nondisclosure agreements, acceptable use agreements, rules of behavior, and conflict-of-interest agreements. Electronic signatures are acceptable for use in acknowledging access agreements unless specifically prohibited by organizational policy.
Control Enhancements: (0) None.
Baseline: LOW PS-6 MOD PS-6 HIGH PS-6
Family: Personnel Security
Class: Operational
ISO 17799 mapping: 6.1.5, 8.1.3
COBIT 4.1 mapping: DS5.4
PCI-DSS v2 mapping: 7.1.3