CCI-002145

Enforce organization-defined circumstances and/or usage conditions for organization-defined system accounts.

Implementation Guidance

Determine if [AC-02(11)_ODP[01]; circumstances and/or usage conditions to be enforced for system accounts are defined] for [AC-02(11)_ODP[02]; system accounts subject to enforcement of circumstances and/or usage conditions are defined] are enforced.

Validation Procedures

Examine: [SELECT FROM: Access control policy; procedures addressing account management; system design documentation; system configuration settings and associated documentation; system-generated list of system accounts and associated assignments of usage circumstances and/or usage conditions; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with account management responsibilities; system/network administrators; organizational personnel with information security responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing account management functions].

The controls below (if any) were marked by NIST as being related to CCI-002145.