Procedimientos
para asegurar que los que acceden a un sistema disfrutan de la habilitación
necesaria y tienen necesidad de conocer, siempre de acuerdo a la política de
seguridad correspondiente.
(I) Procedures to ensure
that persons who access a system have proper clearance, authorization, and
need-to-know as required by the system's security policy. (See: security architecture.)
[RFC4949:2007]
The procedures established
to ensure that all personnel who have access to sensitive information have the
required authority as well as appropriate clearances. [IRM-5239-8:1995]