CC6.1 - Logical Access Security Software and Infrastructure

CC6.1 concerns logical access security, requiring the entity to implement and maintain software and infrastructure that manage user authentication, authorization and access monitoring. The control ensures only authorized individuals can obtain system resources and that access events are logged and reviewed for unauthorized activity.