Authority checks—11.10 (g)
- Last UpdatedAug 14, 2025
- 1 minute read
"(g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand."
Procedures need to define how systems should perform authority checks. If any variation in authorization method is allowed, the specific scenarios and authorization methods for each must be specifically defined.
This requirement is related to the access limitation requirement (section 3.1.1.3). However, this requirement addresses allowing specific actions within the system whereas the access limitation requirement relates to general access to the system.