AC-2(9): Restrictions on Use of Shared and Group Accounts

Control Family:

Access Control

Parent Control:

AC-2: Account Management

CSF v1.1 References:

PR.AC-4
DE.CM-3

Threats Addressed:

Elevation of Privilege

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
AC-2(9): Restrictions On Use Of Shared / Group Accounts

Control Statement

Only permit the use of shared and group accounts that meet [Assignment: organization-defined conditions for establishing shared and group accounts].

Supplemental Guidance

Before permitting the use of shared or group accounts, organizations consider the increased risk due to the lack of accountability with such accounts.