Skip to main content

Restrict access to critical processes

Requirement#

The system must restrict access to system functions that execute critical business processes, allowing only authorized users.

Description#

Systems must enforce access controls on trusted enforcement points. They must also have a clear definition of user privileges and roles. Functions that execute critical business processes should only be available for authenticated users with roles that have the required privileges.

References#