Compliance Dictionary | Unified Compliance Framework

Type	Definition	Sources
Noun	A register of: • users (including groups, machines, processes) who have been given permission to use a particular system resource, and • the types of access they have been permitted. (used 0 times in citations and controls)	Per ISO 704:2009 methodology
Record Example	These records contain lists or tables of user permissions and access rights associated with files, folders, or other objects. (used 88 times in citations and controls)	Per ISO 704:2009 methodology
Record Example	1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. 2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity. (used 4 times in citations and controls)	Glossary of Key Information Security Terms, NISTIR 7298 Revision 2

Loading...

Displaying Controls in which this term is tagged – Show all Controls containing this term regardless of tagging

Displaying Controls containing this term – Show only Controls in which this term is tagged

Loading...

ID	Control
{{ control.id }}	{{ control.name }}
None

Displaying Citations in which this term is tagged – Show all Citations containing this term regardless of tagging

Loading...

AD ID	Authority Document	CT ID	Reference	Guidance	CC ID
{{ citation.authority_document.id }}	{{ citation.authority_document.common_name }}	{{ citation.id }}	{{ citation.reference }}	{{ citation.guidance_as_tagged \|\| citation.guidance }}	{{ citation.control.id }} None
None

Access Control List