STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

AC-16 (1)

Access ControlRev 5system

Security and Privacy Attributes

Control Statement

Dynamically associate security and privacy attributes with [Assignment: organization-defined subjects and objects] in accordance with the following security and privacy policies as information is created and combined: [Assignment: organization-defined security and privacy policies].

Supplemental Guidance

Dynamic association of attributes is appropriate whenever the security or privacy characteristics of information change over time. Attributes may change due to information aggregation issues (i.e., characteristics of individual data elements are different from the combined elements), changes in individual access authorizations (i.e., privileges), changes in the security category of information, or changes in security or privacy policies. Attributes may also change situationally.

CCI Identifiers (8)

CCI-002272Dynamically associate security attributes with organization-defined objects in accordance with organization-defined security policies as information is created and combined.CCI-002273Defines the security policies to adhere to when dynamically associating security attributes with organization-defined subjects and objects.CCI-002274Defines the subjects with which the system is to dynamically associate security attributes as information is created and combined.CCI-002275Defines the objects with which the system is to dynamically associate security attributes as information is created and combined.CCI-001424Dynamically associate security attributes with organization-defined subjects in accordance with organization-defined security policies as information is created and combined.CCI-003712Dynamically associate privacy attributes with organization-defined subjects in accordance with organization-defined privacy policies as information is created and combined.CCI-003713Dynamically associate privacy attributes with organization-defined objects in accordance with organization-defined privacy policies as information is created and combined.

Linked STIG Checks (9)

Across 5 STIGs. Click to expand.

CCI-003714
Defines the privacy policies to adhere to when dynamically associating security attributes with organization-defined subjects and objects.