STIGViewer Trial workspace — loading your subscription…

NIST 800-53 Rev 5

424 controls available

AC-12moderatehigh

Session Termination

Access Control

Control Statement

Automatically terminate a user session after {{ insert: param, ac-12_odp }}.

Discussion

Session termination addresses the termination of user-initiated logical sessions (in contrast to [SC-10](#sc-10) , which addresses the termination of network connections associated with communications sessions (i.e., network disconnect)). A logical session (for local, network, and remote access) is initiated whenever a user (or process acting on behalf of a user) accesses an organizational system. Such user sessions can be terminated without terminating network sessions. Session termination ends all processes associated with a user’s logical session except for those processes that are specifically created by the user (i.e., session owner) to continue after the session is terminated. Conditions or trigger events that require automatic termination of the session include organization-defined periods of user inactivity, targeted responses to certain types of incidents, or time-of-day restrictions on system use.

Framework
NIST SP 800-53 Rev 5
Family
Access Control
Baselines
moderate, high

Related Frameworks

4 paths across 2 frameworks
NIST 800-1711 mapping
3.1.11
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI3 mappings
CCI-002254
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002360
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002361
1.00
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

61 STIGs reach this control through 8 CCIs. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

3 STIGs

Operating System — Server

5 STIGs

Operating System — Mainframe

5 STIGs
CA IDMS Security Technical Implementation Guide
V2R12024-09-138 of 74 findings match
Mainframe Product Security Requirements Guide
V3R42025-09-103 of 194 findings match
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-091 of 225 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-091 of 222 findings match
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-091 of 230 findings match

Network Device

11 STIGs

Database

11 STIGs
Database Security Requirements Guide
V4R52026-02-262 of 142 findings match
Show 3 more STIGs in this category →

Web / Application Server

11 STIGs

Virtualization / Container

6 STIGs

Endpoint Security Management

9 STIGs
Central Log Server Security Requirements Guide
V3R42026-02-123 of 127 findings match
Show 1 more STIG in this category →
Tanium 7.x Security Technical Implementation Guide
V2R32025-05-141 of 98 findings match