AC-2(2): Automated Temporary and Emergency Account Management

Control Family:

Access Control

CSF v1.1 References:

Threats Addressed:


  • Moderate
  • High

Previous Version:

Control Statement

Automatically [Assignment: remove, disable] temporary and emergency accounts after [Assignment: organization-defined time period for each type of account].

Supplemental Guidance

Management of temporary and emergency accounts includes the removal or disabling of such accounts automatically after a predefined time period rather than at the convenience of the system administrator. Automatic removal or disabling of accounts provides a more consistent implementation.