AC-2(2): Automated Temporary and Emergency Account Management

Control Family:

Access Control

Parent Control:

AC-2: Account Management

CSF v1.1 References:

PR.AC-4
DE.CM-3

Threats Addressed:

Spoofing
Repudiation

Baselines:

Moderate
High

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-2(2): Removal Of Temporary / Emergency Accounts

Control Statement

Automatically [Assignment: remove, disable] temporary and emergency accounts after [Assignment: organization-defined time period for each type of account].

Supplemental Guidance

Management of temporary and emergency accounts includes the removal or disabling of such accounts automatically after a predefined time period rather than at the convenience of the system administrator. Automatic removal or disabling of accounts provides a more consistent implementation.