Young hacker smiling

We hack your software

zero false positives

Expert intelligence + effective automation

REQ.144 Purify accounts periodically

This documents contains the details of the security requirements related to the definition and management of access credentials in the organization. This requirement establishes the importance of purifying user accounts periodically in order to avoid information leakages.

Requirement

The organization must purify user accounts periodically.

References

  1. NIST 800-53 AC-2 (3) The information system automatically disables inactive accounts after [Assignment: organization-defined time period].

  2. NIST 800-53 AC-2 (10) The information system terminates shared/group account credentials when members leave the group.

  3. NIST 800-53 AC-2 (13) The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk.


Service status - Terms of Use