Can you give easy explanation about
Sometimes, i have a little confuse about this
Sure, I will give you an example for echa one:
1) A.9.2.2 User access provisioning: I give you an user with privileges of read/write to a folder (according to a procedure)
2) A.9.2.4 Management of secret authentication information of users: I give you your password in a secure manner (according with a procedure), for example: the organization needs to verify your identity, the use of external parties or unprotected electronic messages should be avoided, you should acknowledge receipt of secret authentication information, etc.
3) A.9.3.1 Use of secret authentication information: You should follow the organizations practices in the use of passwords, for example: not share individual users secret authentication information, ensure proper protection of passwords, not use the same secret authentication information for business and non-business purposes, etc
4) A.9.4.3 Password management system: You use in your organization a software to manage passwords, for example Active Directory (Windows environments), OpenLDAP (Linux and Windows environments)