AC-2(3)—Account Management
PBMM (P2)
Secret (P2)
Technical
>Control Description
ACCOUNT MANAGEMENT | DISABLE INACTIVE ACCOUNTS The information system automatically disables inactive accounts after ⚙organization-defined time period.
>Tailoring Guidance
This security control/enhancement requires careful balance between usability and security. Care needs to be taken to ensure that the appropriate balance between the two seemingly conflicting requirements is achieved. Disabling an account is understood to be the equivalent of locking an account.
The account can easily be reactivated (unlocked) by an authorized administrator.
>Profile-Specific Parameters
(3) time period [not to exceed 30 days]
Ask AI
Configure your API key to use AI features.