CC6.1SOC 2Logical access — access controls
The entity implements logical access security software, infrastructure, and architectures over protected information assets.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- User identification and authentication
- Least-privilege access is enforced
- Access is reviewed periodically
- Privileged access is tightly controlled