IA - Identification and Authentication
- Controls Count: 2
- Controls IDs: IA-2 (5), IA-12 (4)
Controls
IA-2 (5): Individual Authentication with Group Authentication
When shared accounts or authenticators are employed, require users to be individually authenticated before granting access to the shared accounts or resources.
Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.
Users are required to be individually authenticated before granting access to the shared accounts or resources when shared accounts or authenticators are employed.
Identification and authentication policy; system security plan; procedures addressing user identification and authentication; system design documentation; system configuration settings and associated documentation; system audit records; list of system accounts; other relevant documents or records.
Organizational personnel with system operations responsibilities; organizational personnel with account management responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers.
Mechanisms supporting and/or implementing an authentication capability for group accounts
IA-12 (4): In-person Validation and Verification
Require that the validation and verification of identity evidence be conducted in person before a designated registration authority.
In-person proofing reduces the likelihood of fraudulent credentials being issued because it requires the physical presence of individuals, the presentation of physical identity documents, and actual face-to-face interactions with designated registration authorities.
The validation and verification of identity evidence is conducted in person before a designated registration authority.
Identification and authentication policy; procedures addressing identity proofing; system security plan; other relevant documents or records.
Organizational personnel with system operations responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers; organizational personnel with identification and authentication responsibilities.
Mechanisms supporting and/or implementing identification and authentication capabilities