💼 IA-4 IDENTIFIER MANAGEMENT
- ID:
/frameworks/nist-sp-800-53-r4/ia/04
Stats​
not available
Description​
The organization manages information system identifiers by: IA-4a. Receiving authorization from [Assignment: organization-defined personnel or roles] to assign an individual, group, role, or device identifier; IA-4b. Selecting an identifier that identifies an individual, group, role, or device; IA-4c. Assigning the identifier to the intended individual, group, role, or device; IA-4d. Preventing reuse of identifiers for [Assignment: organization-defined time period]; and IA-4e. Disabling the identifier after [Assignment: organization-defined time period of inactivity].
Similar​
- Internal
- ID:
dec-c-ceeb2c06
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes | 19 | 34 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions | 4 | 13 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks) | 20 | 24 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 IA-4 (1) PROHIBIT ACCOUNT IDENTIFIERS AS PUBLIC IDENTIFIERS | no data | ||||
| 💼 IA-4 (2) SUPERVISOR AUTHORIZATION | no data | ||||
| 💼 IA-4 (3) MULTIPLE FORMS OF CERTIFICATION | no data | ||||
| 💼 IA-4 (4) IDENTIFY USER STATUS | no data | ||||
| 💼 IA-4 (5) DYNAMIC MANAGEMENT | no data | ||||
| 💼 IA-4 (6) CROSS-ORGANIZATION MANAGEMENT | no data | ||||
| 💼 IA-4 (7) IN-PERSON REGISTRATION | no data |