AC-2(12): Account Monitoring / Atypical Usage
- NIST Special Publication 800-53 Revision 5:
- AC-2(12): Account Monitoring for Atypical Usage
- Monitors information system accounts for [Assignment: organization-defined atypical usage]; and
- Reports atypical usage of information system accounts to [Assignment: organization-defined personnel or roles].
Atypical usage includes, for example, accessing information systems at certain times of the day and from locations that are not consistent with the normal usage patterns of individuals working in organizations.