Thee organization ensures that every user or process (acting on behalf of the user) has access authorization to information systems based on his/her role and need to know.
Thee organization ensures that every user or process (acting on behalf of the user) has access authorization to information systems based on his/her role and need to know.