Management of Administrative Privileges



Establish access control policies and procedures for management of administrative privileges.

Key Considerations


Additional Considerations

Applicable Service Models


  1. SPIN 2017-01, subsection 6.2.3
  2. CSE Top 10 #3
  3. Refer to CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
  4. Refer to the Guidance on Cloud Authentication for the Government of Canada
  5. Refer to the Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
  6. Related security controls: AC‑2, AC‑2(1), AC‑3, AC‑5, AC‑6, AC‑6(5), AC‑6(10), AC‑7, AC‑9, AC‑19, AC‑20(3), IA‑2, IA‑2(1), IA‑2(2), IA‑2(11), IA‑4, IA‑5, IA‑5(1), IA‑5(6), IA‑5(7), IA‑5(13), IA‑6, IA‑8