System and application access control

6.6.4.1Information access restriction The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 9.4.1 applies
6.6.4.2Secure log-on procedures The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 9.4.2 and the following additional guidance applies
6.6.4.3Password management system The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 9.4.3 applies.
6.6.4.4Use of privileged utility programs The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 9.4.4 applies
6.6.4.5Access control to program source code The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 9.4.5 applies.