AC-2(8): Dynamic Account Management

Control Family:

Access Control

Parent Control:

AC-2: Account Management

CSF v1.1 References:

PR.AC-4
DE.CM-3

Threats Addressed:

Spoofing
Repudiation

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-2(8): Dynamic Account Creation

Control Statement

Create, activate, manage, and deactivate [Assignment: organization-defined system accounts] dynamically.

Supplemental Guidance

Approaches for dynamically creating, activating, managing, and deactivating system accounts rely on automatically provisioning the accounts at runtime for entities that were previously unknown. Organizations plan for the dynamic management, creation, activation, and deactivation of system accounts by establishing trust relationships, business rules, and mechanisms with appropriate authorities to validate related authorizations and privileges.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5