PS-06 Access Agreements
a. Develop and document access agreements for organizational systems;
b. Review and update the access agreements ps-06_odp.01 ; and
c. Verify that individuals requiring access to organizational information and systems:
1. Sign appropriate access agreements prior to being granted access; and
2. Re-sign access agreements to maintain access to organizational systems when access agreements have been updated or ps-06_odp.02.
| Parameter ID | Definition |
|---|---|
| ps-06_odp.01 | frequency |
| ps-06_odp.02 | frequency |
Baselines
- L
- M
- H
- P
Guidance
Access agreements include nondisclosure agreements, acceptable use agreements, rules of behavior, and conflict-of-interest agreements. Signed access agreements include an acknowledgement that individuals have read, understand, and agree to abide by the constraints associated with organizational systems to which access is authorized. Organizations can use electronic signatures to acknowledge access agreements unless specifically prohibited by organizational policy.
Control Enhancements 3
- PS-06(01) Information Requiring Special Protection
- PS-06(02) Classified Information Requiring Special Protection L M H P
- PS-06(03) Post-employment Requirements L M H P
Related controls 10
- AC-17 Remote Access L M H P
- PE-02 Physical Access Authorizations L M H P
- PL-04 Rules of Behavior L M H P
- PS-02 Position Risk Designation L M H P
- PS-03 Personnel Screening L M H P
- PS-06 Access Agreements L M H P
- PS-07 External Personnel Security L M H P
- PS-08 Personnel Sanctions L M H P
- SA-21 Developer Screening L M H P
- SI-12 Information Management and Retention L M H P