HOME

AC-2 (13)

AC-2 (13) H
Description

The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk.

FedRAMP
  • H AC-2 (13) [one (1) hour]
DISA Cloud Computing SRG

30 minutes unless otherwise defined in formal organizational policy

Source:
DoD RMF TAG

Supplemental Guidance

Users posing a significant risk to organizations include individuals for whom reliable evidence or intelligence indicates either the intention to use authorized access to information systems to cause harm or through whom adversaries will cause harm. Harm includes potential adverse impacts to organizational operations and assets, individuals, other organizations, or the Nation. Close coordination between authorizing officials, information system administrators, and human resource managers is essential in order for timely execution of this control enhancement.

Related Controls