Administrative Rights and Privileges

NIST states that organizations should employ the principle of least privilege for specific duties and authorized accesses for users and processes. The principle of least privilege is applied with the goal of authorized privileges no higher than necessary to accomplish required organizational missions or business functions. Organizations should consider the creation of additional processes, roles, and system accounts as necessary, to achieve least privilege. Organizations [may] also apply least privilege to the development, implementation, and operation of organizational systems. Security functions include, for example, establishing system accounts, setting events to be logged, setting intrusion detection parameters, and configuring access authorizations (i.e., permissions, privileges). (Source)