Next: 3.1.6 Monitoring and review
Up: 3.1 Local Network: Security
Previous: 3.1.4 Physical security
Appropriate security mechanisms have to be in place in order to allow
responsible officials to designate access to data according to
individual computer users' specific needs. Security mechanisms should
be sufficient to implement individual authentication of system users,
allow authorization to specific information and transaction
authorities, maintain audit trails as specified by the responsible
official, and encrypt sensitive files if required by user management.
Denis Arnaud
12/19/1997