AC-9: Previous Logon Notification

Control Family:

Access Control

CSF v2.0 References:

Threats Addressed:

Baselines:

  • Low

    N/A

  • Moderate

    N/A

  • High

    N/A

  • Privacy

    N/A

Previous Version:

Control Statement

Notify the user, upon successful logon to the system, of the date and time of the last logon.

Supplemental Guidance

Previous logon notification is applicable to system access via human user interfaces and access to systems that occurs in other types of architectures. Information about the last successful logon allows the user to recognize if the date and time provided is not consistent with the user's last access.

Control Enhancements

AC-9(1): Unsuccessful Logons

Baseline(s):

(Not part of any baseline)

Notify the user, upon successful logon, of the number of unsuccessful logon attempts since the last successful logon.

AC-9(2): Successful and Unsuccessful Logons

Baseline(s):

(Not part of any baseline)

Notify the user, upon successful logon, of the number of [Assignment: successful logons, unsuccessful logon attempts, both] during [Assignment: organization-defined time period].

AC-9(3): Notification of Account Changes

Baseline(s):

(Not part of any baseline)

Notify the user, upon successful logon, of changes to [Assignment: organization-defined security-related characteristics or parameters of the user’s account] during [Assignment: organization-defined time period].

AC-9(4): Additional Logon Information

Baseline(s):

(Not part of any baseline)

Notify the user, upon successful logon, of the following additional information: [Assignment: organization-defined additional information].