Limitation of privileged utility programs


Privileged utility programs are applications that require system or administrative privilege to do their jobs. Different kinds of utilities can include system utilities (e.g. malware protection), storage utilities (e.g. backup), file management utilities (e.g. encryption) or others (e.g. patching).

If use of privileged utility programs is permitted, the organisation should identify all privileged utility programs, also ones that are used in its cloud computing environment.

Organisation should ensure utility programs don’t interfere with controls of data systems hosted in any way (on-premises or cloud).

Connected other frameworks and requirements:
9.4.4: Use of privileged utility programs
ISO 27001
8.18: Use of privileged utility programs
ISO 27001
No items found.