FedRAMP Account Monitoring / Atypical Usage AC-2 (12)


Overview:
The organization:
(a) Monitors information system accounts for [Assignment: organization-defined atypical use]; and
(b) Reports atypical usage of information system accounts to [Assignment: organization-defined personnel or roles].


Supplemental Guidance:
Atypical usage includes, for example, accessing information systems at certain times of the day and from locations that are not consistent with the normal usage patterns of individuals working in organizations.

Related control: CA-7


Action Items:
1) Enable logging and monitor accounts for atypical use
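
One way to carry out this action item, as an added example (not part of the original article or of FedRAMP guidance): build a per-account baseline of login hours and source locations from authentication logs, then flag privileged-account logins that deviate from it and address each finding to the designated role. The event layout, account names, one-hour tolerance and `REPORT_TO` placeholder are assumptions; all sample data is constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data: (UTC timestamp, account, source country, privileged?)
HISTORY = [
    ("2022-09-19T13:05:00", "adm-jlee", "US", True),
    ("2022-09-20T14:40:00", "adm-jlee", "US", True),
    ("2022-09-21T15:10:00", "adm-jlee", "US", True),
]
NEW_EVENTS = [
    ("2022-09-22T14:20:00", "adm-jlee", "US", True),   # typical
    ("2022-09-23T03:12:00", "adm-jlee", "US", True),   # unusual hour
    ("2022-09-23T14:02:00", "adm-jlee", "RO", True),   # unusual location
    ("2022-09-23T02:00:00", "mchan", "BR", False),     # not privileged: out of scope
    ("2022-09-23T10:00:00", "adm-new", "US", True),    # privileged, no baseline yet
]
REPORT_TO = "<organization-defined personnel or roles>"  # placeholder for AC-2 (12)(b)
HOUR_TOLERANCE = 1  # assumption: within +/-1 hour of a previously seen hour is typical

def build_baseline(events):
    """Per-account sets of login hours and source locations seen in history."""
    base = defaultdict(lambda: {"hours": set(), "locations": set()})
    for ts, account, location, _ in events:
        base[account]["hours"].add(datetime.fromisoformat(ts).hour)
        base[account]["locations"].add(location)
    return base

def hour_is_typical(hour, seen_hours, tol=HOUR_TOLERANCE):
    # Circular distance, so 23:00 and 00:00 are one hour apart.
    return any(min((hour - h) % 24, (h - hour) % 24) <= tol for h in seen_hours)

def find_atypical(events, baseline):
    """Return report records for privileged logins that deviate from baseline."""
    findings = []
    for ts, account, location, privileged in events:
        if not privileged:
            continue  # the FedRAMP Moderate guidance scopes AC-2 (12) to privileged accounts
        known = baseline.get(account)  # .get() does not create a default entry
        if known is None:
            reasons = ["no baseline for account"]
        else:
            reasons = []
            if not hour_is_typical(datetime.fromisoformat(ts).hour, known["hours"]):
                reasons.append("unusual time of day")
            if location not in known["locations"]:
                reasons.append("unusual location")
        if reasons:
            findings.append({"to": REPORT_TO, "account": account, "time": ts, "reasons": reasons})
    return findings
```

A privileged account with no history is reported rather than silently passed, since a newly created or dormant administrator account has no normal pattern to compare against.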


Related Documents:
1) Access Control Policy

2) Logging and Monitoring Policy


Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
None


Moderate Additional FedRAMP Requirements and Guidance
AC-2 (12)(a) Required for privileged accounts.
AC-2 (12)(b) Required for privileged accounts.

 



Article ID: 19
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick

Online URL: http://www.compliancewiki.org/article/fedramp-account-monitoring-atypical-usage-ac-2-12-19.html