NIST 800-53 r5 · Controls catalogue · Family PS
PS-4 Personnel Termination
Upon termination of individual employment:
- Disable system access within {{ insert: param, ps-04_odp.01 }};
- Terminate or revoke any authenticators and credentials associated with the individual;
- Conduct exit interviews that include a discussion of {{ insert: param, ps-04_odp.02 }};
- Retrieve all security-related organizational system-related property; and
- Retain access to organizational information and systems formerly controlled by terminated individual.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (6) · AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
| CWE-284 | Improper Access Control | 4,832 | Disabling all system access and revoking credentials upon termination directly prevents improper access control by former personnel. |
| CWE-287 | Improper Authentication | 4,730 | Revoking authenticators and credentials eliminates the ability of terminated individuals to authenticate using prior mechanisms. |
| CWE-269 | Improper Privilege Management | 2,907 | Explicit revocation of privileges and access rights addresses improper privilege management after employment ends. |
| CWE-522 | Insufficiently Protected Credentials | 1,518 | Terminating or revoking credentials stops use of insufficiently protected or lingering credentials post-termination. |
| CWE-285 | Improper Authorization | 1,230 | Terminating authorizations and privileges ensures that access rights no longer apply to the individual, reducing improper authorization risks. |
| CWE-250 | Execution with Unnecessary Privileges | 305 | Disabling access and retrieving security-related property prevents continued execution with unnecessary privileges by ex-employees. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | | | | |