NIST 800-53 REV 5 • PERSONNEL SECURITY

PS-4(2) Automated Actions

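Use [Assignment: organization-defined automated mechanisms] to [Selection (one or more): notify [Assignment: organization-defined personnel or roles] of individual termination actions; disable access to system resources].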

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

In organizations with many employees, not all personnel who need to know about termination actions receive the appropriate notifications, or if such notifications are received, they may not occur in a timely manner. Automated mechanisms can be used to send automatic alerts or notifications to organizational personnel or roles when individuals are terminated. Such automatic alerts or notifications can be conveyed in a variety of ways, including via telephone, electronic mail, text message, or websites. Automated mechanisms can also be employed to quickly and thoroughly disable access to system resources after an employee is terminated.

Practitioner Notes

Automate the access revocation process for terminated employees rather than relying on manual steps. People forget checklists; automated systems do not.

Example 1: Integrate your HRIS with Azure AD using SCIM provisioning so that when HR changes an employee's status to 'terminated,' their accounts are automatically disabled across all connected applications within minutes.

Example 2: In Azure AD, set up Access Reviews that automatically remove access when a reviewer does not respond within the review period, and configure Lifecycle Workflows to trigger account disablement, session revocation, and manager notification when a termination event is detected.
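The two automated actions above (disable access, notify roles), sketched as an added example that is not taken from NIST or any vendor's product: it builds the SCIM 2.0 (RFC 7644) PATCH that sets `active` to false for each terminated record, fans out notifications, and audits for accounts still active past a revocation window. The HR record fields, role names, and 15-minute window are assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

SCIM_PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
REVOCATION_SLA = timedelta(minutes=15)  # assumed organization-defined window

def scim_deactivate(user_id):
    """Build the RFC 7644 PATCH that sets active=false for one SCIM user."""
    body = {"schemas": [SCIM_PATCH_SCHEMA],
            "Operations": [{"op": "replace", "path": "active", "value": False}]}
    return {"method": "PATCH", "path": f"/Users/{user_id}", "body": json.dumps(body)}

def plan_offboarding(hr_records, notify_roles):
    """Return (requests, notifications) for every record HR marked terminated."""
    requests, notifications = [], []
    for rec in (r for r in hr_records if r["status"] == "terminated"):
        requests.append(scim_deactivate(rec["scim_id"]))
        notifications += [{"to": role, "subject": f"Termination: {rec['employee_id']}",
                           "effective": rec["terminated_at"]} for role in notify_roles]
    return requests, notifications

def overdue_accounts(hr_records, directory, now):
    """Audit: terminated users whose account is still active past the SLA."""
    overdue = []
    for rec in (r for r in hr_records if r["status"] == "terminated"):
        age = now - datetime.fromisoformat(rec["terminated_at"])
        # An account missing from the directory snapshot counts as not active.
        if directory.get(rec["scim_id"], {}).get("active", False) and age > REVOCATION_SLA:
            overdue.append(rec["employee_id"])
    return overdue

# Constructed sample data (hypothetical field names, not from a real HRIS).
HR = [
    {"employee_id": "E1001", "scim_id": "a1", "status": "active", "terminated_at": None},
    {"employee_id": "E1002", "scim_id": "b2", "status": "terminated",
     "terminated_at": "2024-05-01T09:00:00+00:00"},
    {"employee_id": "E1003", "scim_id": "c3", "status": "terminated",
     "terminated_at": "2024-05-01T09:50:00+00:00"},
]
DIRECTORY = {"a1": {"active": True}, "b2": {"active": True}, "c3": {"active": True}}
NOW = datetime(2024, 5, 1, 10, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    reqs, notes = plan_offboarding(HR, ["it-helpdesk", "manager", "physical-security"])
    print(len(reqs), len(notes), overdue_accounts(HR, DIRECTORY, NOW))
```

Running the audit function on a schedule against a directory export gives assessors evidence that the automated mechanism actually fires, not just that it is configured.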