+IAM-02 Granting and Change of Identities and Access Rights
---+IAM-02.01B
---+IAM-02.02B
---+IAM-02.03B

1. Übersicht

IAM-02 Granting and Change of Identities and Access Rights

-

Bezeichnung	Standard
IAM-02.01B	Specified procedures for granting and modifying identities and access rights for internal and external personnel of the cloud service provider as well as for system components involved in automated authorisation processes of the cloud service provider ensure compliance with the role and rights policies and procedures as well as the policy for managing identities and access rights. This criterion applies to identities that refer to single, multiple or non-human entities.
IAM-02.02B	The aforementioned procedures include, but are not limited to: 1. Processes and technical controls to restrict access to the cloud service provider's data and system functions to authorised personnel; and 2. Processes and technical controls to manage and verify access permissions within the cloud service provider's systems.
IAM-02.03B	If the cloud service provider defines break glass accounts for use in case of a non-availability of the main procedure for authentication, specific requirements and procedures for the secure usage of those accounts are defined and implemented.

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html

Impressum