5.3: Disable Dormant Accounts

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:

Group:

Info icon.

Incorporates the following controls from the previous version: 16.8: Disable Any Unassociated Accounts, 16.9: Disable Dormant Accounts, 16.10: Ensure All Accounts Have An Expiration Date.

Control Statement

Delete or disable any dormant accounts after a period of 45 days of inactivity, where supported.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4