Access Control CMMC Level 1 2.0

CMMC Level 1: Access Control Security Controls

Limit system access to authorized users, processes, and devices, and restrict each user to only the transactions and functions their role requires.

4 controls

1 critical

24h est. effort

3 categories

Authorized Access

Limit system access to authorized users, processes, and devices

Only authorized users, processes acting on behalf of users, and authorized devices should be able to...

Limit system access to permitted transactions and functions

Authorized users should only be able to perform the specific transactions and functions their role r...

Verify and control connections to external information systems

Organizations frequently connect to external systems such as contractor portals, cloud services, par...

Control FCI posted or processed on publicly accessible systems

Publicly accessible systems, such as public websites, public cloud storage buckets, public GitHub re...