Back

Establish the requirements for Identity Assurance Levels.


CONTROL ID
13857
CONTROL TYPE
Technical Security
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a digital identity management program., CC ID: 13713

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Federation relationships SHALL establish parameters regarding expected and acceptable IALs and AALs in connection with the federated relationship. (5.1.1 ¶ 5, Digital Identity Guidelines: Federation and Assertions, NIST SP 800-63C)
  • The selection of authentication assurance levels SHALL be made in accordance with the applicable policies for a facility’s security level [RISK-MGMT-FACILITIES]. Additional guidelines for the selection and use of PIV authentication mechanisms for facility access can be found in NIST [SP 800-116]. (6.3.1 ¶ 3, FIPS Pub 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors)
  • Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)