NIST 800 -171 3.1.7

Prevent non-privileged users from executing privileged functions and audit the execution of such functions. Here is where the separation of admin accounts and non-admin accounts helps you with this control. Don’t allow the non-admin accounts to have any access or ability to perform any commands that a privileged account will create. If you follow the…