Navigate

CCI-002148

CCI-002148 Definition

The organization defines the personnel or roles to whom atypical usage of information system accounts are to be reported.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the personnel or roles as at a minimum, the ISSO.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the personnel or roles as at a minimum, the ISSO.

Compelling Evidence

Automatically compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002148.

Control	Description
AC-2 (12)	The organization: AC-2 (12)(a): Monitors information system accounts for [Assignment: organization-defined atypical usage]; and AC-2 (12)(b): Reports atypical usage of information system accounts to [Assignment: organization-defined personnel or roles].