home || catalog: SP800-53rev3 / class: Technical / family: (AC) Access Control ||
search controls:
search nistpubs:

AC

AC-01
AC-02
AC-03
AC-04
AC-05
AC-06
AC-07
AC-08
AC-09 *
AC-10
AC-11
AC-12
AC-13
AC-14
AC-15
AC-16
AC-17
AC-18
AC-19
AC-20
AC-21
AC-22

AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC
SI
MMMMM

  AC-09: Previous Logon (Access) Notification  

base control objective:
The information system notifies the user, upon successful logon (access), of the date and time of the last logon (access).

supplemental objective information:
This control is intended to cover both traditional logons to information systems and general accesses to information systems that occur in other types of architectural configurations (e.g., service oriented architectures).

enhancements to the base objective:

(1) The information system notifies the user, upon successful logon/access, of the number of unsuccessful logon/access attempts since the last successful logon/access.

(2) The information system notifies the user of the number of [Selection: successful logins/accesses; unsuccessful login/access attempts; both] during [Assignment: organization-defined time period].

(3) The information system notifies the user of [Assignment: organization-defined set of security-related changes to the user’s account] during [Assignment: organization-defined time period].

mapping to FIPS199 baseline:

  LOW: null     MOD: null     HIGH: null  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for AC-09:

None.

Document Date Status Title

Search SP800-53rev3 catalog: