authorization

authorization Controls

4 controls across 3 frameworks.

CMMC L1

Limit system access to authorized users, processes, and devices

Access Control / Authorized Access

Limit system access to permitted transactions and functions

Access Control / Authorized Access

Implement policies and procedures for authorizing access to ePHI

Administrative Safeguards / Information Access Management

Access credentials are issued with appropriate authorization

Security / Logical and Physical Access