Application and information access control

Objective: To prevent unauthorised access to information held in application systems.

Logical access controls should be used to control access to application systems and information.

Access to information and applications should be granted in accordance with the business access control policy.

Where appropriate, sensitive systems should have their own isolated operating environment.

An Introduction To Information, Network and Internet Security
Application and information access control Objective: To prevent unauthorised access to information held in application systems. Logical access controls should be used to control access to application systems and information. Information access restriction Access to information and applications should be granted in accordance with the business access control policy. Sensitive system isolation Where appropriate, sensitive systems should have their own isolated operating environment.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security