AC-9: Previous Logon (Access) Notification

Control Family:

Access Control

Baselines:

  • Low

    N/A

  • Moderate

    N/A

  • High

    N/A

Control Statement

The information system notifies the user, upon successful logon (access) to the system, of the date and time of the last logon (access).

Supplemental Guidance

This control is applicable to logons to information systems via human user interfaces and logons to systems that occur in other types of architectures (e.g., service-oriented architectures).

Control Enhancements

AC-9(1): Unsuccessful Logons

Baseline(s):

(Not part of any baseline)

The information system notifies the user, upon successful logon/access, of the number of unsuccessful logon/access attempts since the last successful logon/access.

AC-9(2): Successful / Unsuccessful Logons

Baseline(s):

(Not part of any baseline)

The information system notifies the user of the number of [Selection: successful logons/accesses; unsuccessful logon/access attempts; both] during [Assignment: organization-defined time period].

AC-9(3): Notification Of Account Changes

Baseline(s):

(Not part of any baseline)

The information system notifies the user of changes to [Assignment: organization-defined security-related characteristics/parameters of the user’s account] during [Assignment: organization-defined time period].

AC-9(4): Additional Logon Information

Baseline(s):

(Not part of any baseline)

The information system notifies the user, upon successful logon (access), of the following additional information: [Assignment: organization-defined information to be included in addition to the date and time of the last logon (access)].