Navigate

CCI-002150

CCI-002150 Definition

The organization defines the time period within which the accounts of users posing a significant risk are to be disabled after discovery of the risk.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the time period as 30 minutes unless otherwise defined in formal organizational policy.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the time period as 30 minutes unless otherwise defined in formal organizational policy.

Compelling Evidence

Automatically compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002150.

Control	Description
AC-2 (13)	The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk.