NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
AC-1
AC-2
AC-2(1)
AC-2(2)
AC-2(3)
AC-2(4)
AC-2(5)
AC-2(6)
AC-2(7)
AC-2(8)
AC-2(9)
AC-2(11)
AC-2(12)
AC-2(13)
AC-3
AC-14(1)
AC-3(2)
AC-3(3)
AC-3(4)
AC-3(5)
AC-15
AC-3(7)
AC-3(8)
AC-3(9)
AC-3(10)
AC-3(11)
AC-3(12)
AC-3(13)
AC-3(14)
AC-3(15)
AC-4
AC-4(1)
AC-4(2)
AC-4(3)
AC-4(4)
AC-4(5)
AC-4(6)
AC-4(7)
AC-4(8)
AC-4(9)
AC-4(10)
AC-4(11)
AC-4(12)
AC-4(13)
AC-4(14)
AC-4(15)
AC-17(5)
AC-4(17)
AC-17(7)
AC-4(19)
AC-4(20)
AC-4(21)
AC-4(22)
AC-4(23)
AC-4(24)
AC-4(25)
AC-4(26)
AC-4(27)
AC-4(28)
AC-4(29)
AC-4(30)
AC-4(31)
AC-4(32)
AC-5
AC-6
AC-6(1)
AC-6(2)
AC-6(3)
AC-6(4)
AC-6(5)
AC-6(6)
AC-6(7)
AC-6(8)
AC-6(9)
AC-6(10)
AC-7
AC-17(8)
AC-7(2)
AC-7(3)
AC-7(4)
AC-8
AC-9
AC-9(1)
AC-9(2)
AC-9(3)
AC-9(4)
AC-10
AC-11
AC-11(1)
AC-12
AC-12(1)
AC-12(2)
AC-12(3)
AC-13
AC-14
AC-19(1)
AC-19(2)
AC-16
AC-16(1)
AC-16(2)
AC-16(3)
AC-16(4)
AC-16(5)
AC-16(6)
AC-16(7)
AC-16(8)
AC-16(9)
AC-16(10)
AC-17
AC-17(1)
AC-17(2)
AC-17(3)
AC-17(4)
AC-17(6)
AC-18(2)
AC-19(3)
AC-2(10)
AC-3(1)
AC-17(9)
AC-17(10)
AC-18
AC-18(1)
AC-3(6)
AC-18(3)
AC-18(4)
AC-18(5)
AC-19
AC-4(16)
AC-4(18)
AC-7(1)
AC-19(4)
AC-19(5)
AC-20
AC-20(1)
AC-20(2)
AC-20(3)
AC-20(4)
AC-20(5)
AC-21
AC-21(1)
AC-21(2)
AC-22
AC-23
AC-24
AC-24(1)
AC-24(2)
AC-25

AC-3(10): Access Enforcement | Audited Override of Access Control Mechanisms

Control Text:

Employ an audited override of automated access control mechanisms under [Assignment: organization-defined conditions] by [Assignment: organization-defined roles].

In certain situations, such as when there is a threat to human life or an event that threatens the organization’s ability to carry out critical missions or business functions, an override capability for access control mechanisms may be needed. Override conditions are defined by organizations and used only in those limited circumstances. Audit events are defined in AU-2. Audit records are generated in AU-12.

Related Controls