V-222421
Application Security and Development Security Technical Implementation Guide
Title
The application must automatically audit account enabling actions.
Description
<VulnDiscussion>When application accounts are enabled, user accessibility is affected. Accounts are utilized for identifying individual application users or for identifying the application processes themselves. In order to detect and respond to events affecting user accessibility and application processing, applications must audit account removal actions and, as required, notify the appropriate individuals, so they can investigate the event. Such a capability greatly reduces the risk that applic...
Fix Text (Documentation Requirement)
Configure the application to write a log entry when a user account is enabled. At a minimum, ensure account name, date and time of the event are recorded.