{ "$TMF_VERSION": "1.4", "PublicationDateTime": "2021-04-26T00:00:00.000Z", "Description": "Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control AC-2: Account Management. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.", "Keywords": [ "800-53", "Access Control", "Account Management", "High", "Low", "Moderate", "NIST", "P1", "Security" ], "Issuer": { "Identifier": "https://trustmarkinitiative.org/", "PrimaryContact": { "Email": "help@trustmarkinitiative.org", "Telephone": "555-555-5555", "Kind": "PRIMARY", "WebsiteURL": "https://trustmarkinitiative.org/", "Responder": "" }, "Name": "TMI" }, "Sources": [{ "Identifier": "SP800-53R4", "Reference": "NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4<\/a>.", "$id": "source-2112165102" }], "Name": "NIST SP 800-53 r4 Security Control AC-2: Account Management", "TrustExpression": "TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8 and TD_ref9 and TD_ref10 and TD_ref11", "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-ac-2_-account-management/4/", "Version": "4", "References": {"TrustmarkDefinitionRequirements": [ { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account monitoring as related to overall access control requirements.", "Number": 1, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-monitoring/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account monitoring as related to overall access control requirements.", "Number": 1, "Version": "1.0", "Name": "Account Monitoring" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Account Monitoring", "$id": "TD_ref1" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/reissuance-of-shared-group-credentials/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for reissuance of shared/group credentials as related to overall access control requirements.", "Number": 2, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/reissuance-of-shared-group-credentials/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for reissuance of shared/group credentials as related to overall access control requirements.", "Number": 2, "Version": "1.0", "Name": "Reissuance of Shared/Group Credentials" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Reissuance of Shared/Group Credentials", "$id": "TD_ref2" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-manager-notification/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account manager notification as related to overall access control requirements.", "Number": 3, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-manager-notification/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account manager notification as related to overall access control requirements.", "Number": 3, "Version": "1.0", "Name": "Account Manager Notification" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Account Manager Notification", "$id": "TD_ref3" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/specified-privileges-for-each-account/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for specified privileges for each account as related to overall access control requirements.", "Number": 4, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/specified-privileges-for-each-account/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for specified privileges for each account as related to overall access control requirements.", "Number": 4, "Version": "1.0", "Name": "Specified Privileges For Each Account" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Specified Privileges For Each Account", "$id": "TD_ref4" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-managers/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account managers as related to overall access control requirements.", "Number": 5, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-managers/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account managers as related to overall access control requirements.", "Number": 5, "Version": "1.0", "Name": "Account Managers" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Account Managers", "$id": "TD_ref5" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-creation-approvals/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account creation approvals as related to overall access control requirements.", "Number": 6, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/account-creation-approvals/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for account creation approvals as related to overall access control requirements.", "Number": 6, "Version": "1.0", "Name": "Account Creation Approvals" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Account Creation Approvals", "$id": "TD_ref6" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/identified-account-types/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for identified account types as related to overall access control requirements.", "Number": 7, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/identified-account-types/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for identified account types as related to overall access control requirements.", "Number": 7, "Version": "1.0", "Name": "Identified Account Types" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Identified Account Types", "$id": "TD_ref7" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/group-and-role-membership/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for group and role membership as related to overall access control requirements.", "Number": 8, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/group-and-role-membership/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for group and role membership as related to overall access control requirements.", "Number": 8, "Version": "1.0", "Name": "Group and Role Membership" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Group and Role Membership", "$id": "TD_ref8" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-procedures-for-account-management/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined procedures for account management as related to overall access control requirements.", "Number": 9, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/defined-procedures-for-account-management/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for defined procedures for account management as related to overall access control requirements.", "Number": 9, "Version": "1.0", "Name": "Defined Procedures for Account Management" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Defined Procedures for Account Management", "$id": "TD_ref9" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/access-authorizations/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for access authorizations as related to overall access control requirements.", "Number": 10, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/access-authorizations/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for access authorizations as related to overall access control requirements.", "Number": 10, "Version": "1.0", "Name": "Access Authorizations" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Access Authorizations", "$id": "TD_ref10" }, { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/review-of-accounts/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for review of accounts as related to overall access control requirements.", "Number": 11, "Version": "1.0", "TrustmarkDefinitionReference": { "Identifier": "https://artifacts.trustmarkinitiative.org/lib/tds/review-of-accounts/1.0/", "Description": "Defines conformance and assessment criteria for compliance with minimum security requirements for review of accounts as related to overall access control requirements.", "Number": 11, "Version": "1.0", "Name": "Review of Accounts" }, "$Type": "TrustmarkDefinitionRequirement", "Name": "Review of Accounts", "$id": "TD_ref11" } ]}, "Primary": "false", "LegalNotice": "This document and the information contained herein is provided on an \"AS IS\" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.", "$Type": "TrustInteroperabilityProfile" }