Establish the requirements for Identity Assurance Levels.

Back

CONTROL ID
13857

CONTROL TYPE
Technical Security

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Establish, implement, and maintain a digital identity management program., CC ID: 13713

There are no implementation support Controls.

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., FedRAMP Security Controls High Baseline, Version 5)
Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., FedRAMP Security Controls Moderate Baseline, Version 5)
Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
Federation relationships SHALL establish parameters regarding expected and acceptable IALs and AALs in connection with the federated relationship. (5.1.1 ¶ 5, Digital Identity Guidelines: Federation and Assertions, NIST SP 800-63C)
The selection of authentication assurance levels SHALL be made in accordance with the applicable policies for a facilityâs security level [RISK-MGMT-FACILITIES]. Additional guidelines for the selection and use of PIV authentication mechanisms for facility access can be found in NIST [SP 800-116]. (6.3.1 ¶ 3, FIPS Pub 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors)
Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines; (IA-12a., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)