STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

AC-6 (5)

Access ControlRev 5organization

Privileged Accounts

Baselines:ModerateHigh

Control Statement

Restrict privileged accounts on the system to [Assignment: personnel or roles].

Supplemental Guidance

Privileged accounts, including super user accounts, are typically described as system administrator for various types of commercial off-the-shelf operating systems. Restricting privileged accounts to specific personnel or roles prevents day-to-day users from accessing privileged information or privileged functions. Organizations may differentiate in the application of restricting privileged accounts between allowed privileges for local accounts and for domain accounts provided that they retain the ability to control system configurations for key parameters and as otherwise necessary to sufficiently mitigate risk.

Related Controls (3)

IA-2MA-3MA-4

CCI Identifiers (3)

CCI-002227Restrict privileged accounts on the system to organization-defined personnel or roles.CCI-002226Defines the personnel or roles to whom privileged accounts are to be restricted on the information system.CCI-001421The organization limits authorization to super user accounts on the information system to designated system administration personnel.

Linked STIG Checks (20)

Across 14 STIGs. Click to expand.