Rules on network services access - As per the access control policy, users should only be permitted to access information and processing they have been granted.

Rules on network services access – As per the access control policy, users should only be permitted to access information and processing they have been granted.

Rules on network services access – As per the access control policy, users should only be permitted to access information and processing they have been granted. Much of this clause has already been covered in the access control policy.

The policy should determine which information can be accessed, authorisation procedures, management controls for the protection of networks, permissible network connections (eg not over wifi), authentication requirements and monitoring of use.

Further reading at: https://activaconsulting.co.uk/iso-27002-controls/9-2-user-access-management/