Proper plugin screen access

I’m writing a plugin that has submenus in the dashboard;
Plugin Name
– Plugin Dashboard
– plugin options
– plugin do something
– plugin do something else.

In coding the menu items above, I limit whether or not the subpages are viewable or not by using the capability option in the add_submenu_page() function. So far so good.

In the code for those sub-pages, is it good practice to add a is_user_logged_in() check? Also, should I then go ahead and check the user has the correct access?

As a person can type in a page address directly in the URL bar, I want to make sure I’m securing my plugin pages properly without doing anything that’s not necessary.