Navigate

• Top
• Description
• Related
• Enhancements
• CCIs

AC-2(5)

AC-2(5): Inactivity Logout

The organization requires that users log out when [organization-defined time-period of expected inactivity or description of when to log out].

Supplemental

CIA Levels
Confidentiality	high
Integrity	high
Availability	high

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-2(5).

Control	Description
SC-23	The information system protects the authenticity of communications sessions.

Enhancements

The controls below (if any) add on to the requirements of AC-2(5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-2(5).

CCI	Definition
CCI-000019	Require that users log out in accordance with the organization-defined time-period of expected inactivity or description of when to log out.
CCI-001406	Defines a time period of expected inactivity when users are required to log out.
CCI-002133	Defines other conditions when users are required to log out.