800-53|AC-5c.

Title

SEPARATION OF DUTIES

Description

Defines information system access authorizations to support separation of duties.

Reference Item Details

Category: ACCESS CONTROL

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
SHPT-00-000190 - SharePoint must enforce organizational requirements to implement separation of duties through assigned information access authorizations.WindowsDISA STIG SharePoint 2010 v1r9
SHPT-00-000199 - SharePoint service accounts must be configured for separation of duties.WindowsDISA STIG SharePoint 2010 v1r9
SQL2-00-008800 - SQL Server must enforce separation of duties through assigned information access authorizations - 'server permissions'MS_SQLDBDISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-008800 - SQL Server must enforce separation of duties through assigned information access authorizations - 'user defined roles'MS_SQLDBDISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Full-text Filter Daemon Launcher'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Agent'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Analysis Services'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Browser'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Client'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Distributed Replay Controller'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Integration Services 11.0'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server Reporting Services'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server VSS Writer'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-008900 - SQL Server processes or services must run under custom, dedicated OS or domain accounts - 'SQL Server'WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-009000 - SQL Server must restrict access to sensitive information to authorized user roles.MS_SQLDBDISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-009100 - A single SQL Server database connection configuration file (or a single set of credentials) must not be used to configure all database clients - or a single set of credentials must not be used to configure all clients.WindowsDISA STIG SQL Server 2012 Database OS Audit v1r20
SQL2-00-009200 - SQL Server must be protected from unauthorized access by developers.MS_SQLDBDISA STIG SQL Server 2012 Database Audit v1r20
SQL2-00-009300 - SQL Server must be protected from unauthorized access by developers on shared production/development host systems.MS_SQLDBDISA STIG SQL Server 2012 Database Audit v1r20
SQL2-00-009400 - SQL Server must restrict access to system tables, other configuration information, and metadata to DBAs and other authorized users.MS_SQLDBDISA STIG SQL Server 2012 DB Instance Security v1r20
SQL2-00-009500 - Administrative privileges, built-in server roles and built-in database roles must be assigned to the DBMS login accounts that require them via custom roles, and not directly.MS_SQLDBDISA STIG SQL Server 2012 Database Audit v1r20