NIST SP 800-171 & CMMC 2.0 Control 3.5.5 Requirement:

Prevent the reuse of identifiers for a defined period.

NIST SP 800-171 & CMMC 2.0 3.5.5 Requirement Explanation:

Typically, individual identifiers are the user names of accounts assigned to those individuals. Preventing reuse of identifiers implies preventing the assignment of previously used individual, group, role, or device identifiers to different individuals, groups, roles, or devices. If you reuse identifiers soon after they have been decommissioned you may cause confusion. It will be more difficult to determine who or what actually did something because the account or device name will be the same.

Example NIST SP 800-171 & CMMC 2.0 3.5.5 Implementation:

Do not reuse usernames on accounts for a defined period of time (e.g., for one year after the account was deleted). Do not reuse systems names and other identifiers such as group names.

NIST SP 800-171 & CMMC 2.0 3.5.5 Scenario(s):

- Scenario 1:

An employee named John Doe with a user account jdoe has had his employment terminated. Incidentally his replacement is his brother James Doe. Instead of reassigning the account jdoe you create a new account jamesdoe.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.