NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-7(16)Time Limit on Process Execution Without Supervision

Prohibit processes from executing without supervision for more than {{ insert: param, si-07.16_odp }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Placing a time limit on process execution without supervision is intended to apply to processes for which typical or normal execution periods can be determined and situations in which organizations exceed such periods. Supervision includes timers on operating systems, automated responses, and manual oversight and response when system process anomalies occur.

Practitioner Notes

Set time limits on processes that execute without human supervision — long-running unsupervised processes may be hijacked or behave unexpectedly.

Example 1: Configure timeout limits on batch jobs and scheduled tasks. If a backup job normally takes 2 hours but has been running for 8 hours, terminate it and alert the operations team. The unusual runtime could indicate a problem or compromise.

Example 2: Set session timeout policies for automated service accounts. If a service account's session has been active for longer than the expected maximum (like a 24-hour limit for a daily processing account), force reauthentication or terminate the session.

More System and Information Integrity Controls

SI-1 Policy and Procedures SI-2 Flaw Remediation SI-2(1) Central Management SI-2(2) Automated Flaw Remediation Status