NIST 800-53 REV 5 • ACCESS CONTROL

AC-2(1) Automated System Account Management

Support the management of system accounts using [Assignment: organization-defined automated mechanisms].

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Automated system account management includes using automated mechanisms to create, enable, modify, disable, and remove accounts; notify account managers when an account is created, enabled, modified, disabled, or removed, or when users are terminated or transferred; monitor system account usage; and report atypical system account usage. Automated mechanisms can include internal system functions and email, telephonic, and text messaging notifications.

Practitioner Notes

This enhancement requires automated mechanisms, not manual checklists, to manage accounts; the organization names the specific mechanisms in the assignment. The system should be doing the heavy lifting across the whole lifecycle the guidance lists: creating, enabling, modifying, disabling and removing accounts, notifying account managers of those events and of terminations and transfers, and monitoring and reporting atypical account usage.

Example 1: Deploy Microsoft Identity Manager (MIM) or Azure AD (now Microsoft Entra ID) provisioning to automatically create accounts when HR adds a new employee to the HRIS system. When HR marks someone as terminated, the system auto-disables the AD account and sends a notification to the account manager. The HR record is the authoritative trigger; nobody should have to remember to file a ticket.

Example 2: Use a SOAR platform like Splunk SOAR to create a playbook that monitors for disabled accounts and automatically removes them from all security groups after 30 days. The playbook logs every action it takes, giving you a complete audit trail without manual steps. The same playbook is a natural place to report the atypical usage the guidance mentions, such as a logon recorded on an account after it was disabled, or an enabled account that has not been used in months.
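The two examples above are both instances of one reconciliation loop: compare the HR feed with the directory, emit the account actions (create, disable, strip groups, review orphans) with their notifications, and report atypical usage. The script below is an added illustration written for this page, not code from NIST, MIM, Entra ID or Splunk SOAR. The HR feed, the directory snapshot, the manager addresses and the 30-day and 90-day thresholds are all constructed assumptions; in a real deployment the two inputs would come from the HRIS export and the directory API, and the action list would be fed to the provisioning connector or SOAR playbook.

```python
# Added example: joiner/mover/leaver reconciliation for AC-2(1).
# Not vendor or NIST code; all data below is constructed for illustration.
from datetime import date, timedelta

# Constructed HR feed: the authoritative source of who should have an account.
HR_FEED = [
    {"emp_id": "1001", "status": "active",     "manager": "mgr.one@example.test"},
    {"emp_id": "1002", "status": "terminated", "manager": "mgr.one@example.test"},
    {"emp_id": "1003", "status": "active",     "manager": "mgr.two@example.test"},  # new hire
]

# Constructed directory snapshot (what an AD/Entra ID export might look like).
DIRECTORY = [
    {"account": "alice", "emp_id": "1001", "enabled": True, "groups": ["VPN-Users"],
     "disabled_on": None, "last_logon": date(2024, 6, 9)},
    {"account": "bob", "emp_id": "1002", "enabled": True, "groups": ["VPN-Users", "Finance"],
     "disabled_on": None, "last_logon": date(2024, 6, 8)},          # terminated in HR, still enabled
    {"account": "dave", "emp_id": "1004", "enabled": False, "groups": ["VPN-Users"],
     "disabled_on": date(2024, 4, 1), "last_logon": date(2024, 5, 20)},  # logon after disable
    {"account": "svc-legacy", "emp_id": None, "enabled": True, "groups": ["Domain Admins"],
     "disabled_on": None, "last_logon": date(2023, 11, 1)},         # no HR owner, dormant
]

TODAY = date(2024, 6, 10)  # fixed "now" so the example is reproducible


def reconcile(hr_feed, directory, today, cleanup_days=30):
    """Return the actions an automated account manager should take, in order."""
    hr = {e["emp_id"]: e for e in hr_feed}
    by_emp = {a["emp_id"]: a for a in directory if a["emp_id"]}
    actions = []

    # Joiners: active in HR with no directory account yet -> create and notify manager.
    for emp_id, rec in hr.items():
        if rec["status"] == "active" and emp_id not in by_emp:
            actions.append({"action": "create", "emp_id": emp_id, "notify": rec["manager"]})

    for acct in directory:
        rec = hr.get(acct["emp_id"])
        # Leavers: terminated in HR but the account is still enabled -> disable and notify.
        if rec and rec["status"] == "terminated" and acct["enabled"]:
            actions.append({"action": "disable", "account": acct["account"],
                            "notify": rec["manager"]})
        # Orphans: enabled account with no HR owner -> route to a human for review,
        # rather than disabling automatically (it may be a service account).
        if acct["emp_id"] is None and acct["enabled"]:
            actions.append({"action": "review_orphan", "account": acct["account"]})
        # Disabled past the grace period and still in groups -> strip memberships.
        if (not acct["enabled"] and acct["disabled_on"]
                and today - acct["disabled_on"] >= timedelta(days=cleanup_days)
                and acct["groups"]):
            actions.append({"action": "remove_groups", "account": acct["account"],
                            "groups": list(acct["groups"])})
    return actions


def atypical_usage(directory, today, dormant_days=90):
    """Flag usage patterns the guidance expects to be reported automatically."""
    findings = []
    for acct in directory:
        # A logon timestamp later than the disable date means the account was
        # used after it should have been unusable: investigate.
        if (acct["disabled_on"] and acct["last_logon"]
                and acct["last_logon"] > acct["disabled_on"]):
            findings.append({"account": acct["account"], "finding": "logon_after_disable"})
        # An enabled account nobody has used in a long time is a candidate for disablement.
        if (acct["enabled"] and acct["last_logon"]
                and today - acct["last_logon"] > timedelta(days=dormant_days)):
            findings.append({"account": acct["account"], "finding": "dormant_enabled"})
    return findings


def run_example():
    """Run both checks against the constructed data and return the results."""
    return reconcile(HR_FEED, DIRECTORY, TODAY), atypical_usage(DIRECTORY, TODAY)


if __name__ == "__main__":
    actions, findings = run_example()
    for a in actions:
        print("ACTION", a)
    for f in findings:
        print("REPORT", f)
```

Every entry in the returned action list is a candidate log line for the audit trail the guidance asks for; the notification address travels with the action so the same record can drive the email or ticket to the account manager.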