💼 PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions

• ID: /frameworks/nist-csf-v2.0/pr-aa/02

Description

1. Verify a person's claimed identity at enrollment time using government-issued identity credentials (e.g., passport, visa, driver's license)
2. Issue a different credential for each person (i.e., no credential sharing)

Similar

• Sections
  • /frameworks/nist-csf-v1.1/pr-ac/06
  • /frameworks/nist-sp-800-53-r5/ia/12

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions		4	13		no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-12 Identity Proofing	6				no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (13)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account IAM Password Policy Number of passwords to remember is not set to 24🟢	1	🟢 x6	no data
🛡️ AWS EC2 Instance IAM role is not attached🟢	1	🟢 x6	no data
🛡️ AWS IAM User has inline or directly attached policies🟢	1	🟠 x1, 🟢 x5	no data
🛡️ AWS IAM User with console and programmatic access set during the initial creation🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ AWS S3 Bucket MFA Delete is not enabled🟠🟢	1	🟠 x1, 🟢 x6	no data
🛡️ Azure App Service Authentication is disabled and Basic Authentication is enabled🟢	1	🟢 x6	no data
🛡️ Azure App Service Basic Authentication is enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Consumer Google Accounts are used🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google Accounts are not configured with MFA🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google BigQuery Dataset is anonymously or publicly accessible🟢	1	🟢 x6	no data
🛡️ Google Cloud Audit Logging is not configured properly🟢	1	🟢 x6	no data
🛡️ Google Cloud MySQL Instance allows anyone to connect with administrative privileges🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Google Storage Bucket is anonymously or publicly accessible🟢	1	🟢 x6	no data