AC-2(1): Automated System Account Management

Control Family:

Access Control

Parent Control:

AC-2: Account Management

CSF v1.1 References:

PR.AC-4
DE.CM-3

Threats Addressed:

Spoofing

Baselines:

Moderate
High

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-2(1): Automated System Account Management

Control Statement

Support the management of system accounts using [Assignment: organization-defined automated mechanisms].

Supplemental Guidance

Automated system account management includes using automated mechanisms to create, enable, modify, disable, and remove accounts; notify account managers when an account is created, enabled, modified, disabled, or removed, or when users are terminated or transferred; monitor system account usage; and report atypical system account usage. Automated mechanisms can include internal system functions and email, telephonic, and text messaging notifications.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 8