Navigate

CCI-001682

CCI-001682 Definition

Automatically remove or disable emergency accounts after an organization-defined time period for each type of account.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if temporary and emergency accounts are automatically [AC-02(02)_ODP[01]; one of the following PARAMETER VALUES is selected: {remove; disable}] after [AC-02(02)_ODP[02]; the time period after which to automatically remove or disable temporary or emergency accounts is defined].

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures for addressing account management; system design documentation; system configuration settings and associated documentation; system-generated list of temporary accounts removed and/or disabled; system-generated list of emergency accounts removed and/or disabled; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with account management responsibilities; system/network administrators; organizational personnel with information security with information security responsibilities; system developers]. Test: [SELECT FROM: Automated mechanisms for implementing account management functions].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001682.

Control	Description
AC-2(2)	Automatically [one of "remove"/"disable"] temporary and emergency accounts after [the time period after which to automatically remove or disable temporary or emergency accounts is defined;].