Access control

Set of mechanisms and policies that regulate who can access which resources, under what conditions, and with what level of privilege. It is a fundamental control in ISO 27001 for protecting the confidentiality and integrity of information.