Navigate

AC-2(9)

AC-2(9): Restrictions on Use of Shared and Group Accounts

Only permit the use of shared and group accounts that meet [conditions for establishing shared and group accounts are defined;].

Supplemental

Before permitting the use of shared or group accounts, organizations consider the increased risk due to the lack of accountability with such accounts.

CIA Levels
Confidentiality	low
Integrity	low
Availability	unknown

Overlays
DAF Baseline, NC3, Privacy (accountability), Privacy (high), Privacy (low), Privacy (moderate)

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-2(9).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AC-2(9).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-2(9).

CCI	Definition
CCI-002140	Defines the conditions for establishing shared/group accounts.
CCI-002141	Only permit the use of shared and group accounts that meet organization-defined conditions for establishing shared and group accounts.