💼 IA-4 IDENTIFIER MANAGEMENT
- ID:
/frameworks/nist-sp-800-53-r4/ia/04
Description​
The organization manages information system identifiers by: IA-4a. Receiving authorization from [Assignment: organization-defined personnel or roles] to assign an individual, group, role, or device identifier; IA-4b. Selecting an identifier that identifies an individual, group, role, or device; IA-4c. Assigning the identifier to the intended individual, group, role, or device; IA-4d. Preventing reuse of identifiers for [Assignment: organization-defined time period]; and IA-4e. Disabling the identifier after [Assignment: organization-defined time period of inactivity].
Similar​
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes | | 19 | 34 | | no data |
| 💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions | | 4 | 13 | | no data |
| 💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks) | | 19 | 23 | | no data |
Sub Sections​