AC-2(5): Inactivity Logout

Control Family:

Access Control

Parent Control:

AC-2: Account Management

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.AC-1
PR.AC-4
PR.AC-6
DE.CM-1
DE.CM-3

Threats Addressed:

Spoofing

Baselines:

High

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-2(5): Inactivity Logout

Control Statement

The organization requires that users log out when [Assignment: organization-defined time-period of expected inactivity or description of when to log out].

Control Statement

Related Controls

Critical Security Controls Version 8