Navigate

• Top
• Description
• Related
• Enhancements
• CCIs

AC-2(3)

AC-2(3): Disable Inactive Accounts

The information system automatically disables inactive accounts after [organization-defined time period].

Supplemental

CIA Levels
Confidentiality	high
Integrity	high
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-2(3).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AC-2(3).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-2(3).

CCI	Definition
CCI-000017	Disable accounts when the accounts have been inactive for the organization-defined time-period.
CCI-000217	Defines a time period after which inactive accounts are automatically disabled.