search

usnistgov / blossom-oscal

OSCAL content that supports the BloSS@M project.
10 stars 7 forks source link

OSCAL SSP Content: AC-2 Account Management #17

Open Compton-US opened 2 years ago

Compton-US commented 2 years ago

Document the plan of implementation for each component identified in the Component Definition Issue. Work content into a snippet for the OSCAL model.

nbg84 commented 2 years ago

AC-2 Account Management enhancements to be considered for selection.

AC-2(1) ACCOUNT MANAGEMENT | AUTOMATED SYSTEM ACCOUNT MANAGEMENT Support the management of system accounts using automation.

AC-2(2) ACCOUNT MANAGEMENT | AUTOMATED TEMPORARY AND EMERGENCY ACCOUNT MANAGEMENT Automatically manage temporary and emergency accounts.

AC-2(3) ACCOUNT MANAGEMENT | DISABLE ACCOUNTS Disable accounts within a specific time period.

AC-2(4) ACCOUNT MANAGEMENT | AUTOMATED AUDIT ACTIONS Automatically audit account management functions.

AC-2(5) ACCOUNT MANAGEMENT | INACTIVITY LOGOUT Require users to log out due to inactivity.

AC-2(13) ACCOUNT MANAGEMENT | DISABLE ACCOUNTS FOR HIGH-RISK INDIVIDUALS Disable accounts for high-risk users within a time frame after discovery of risk.