💼 IA-5 Authenticator Management
- Contextual name: 💼 IA-5 Authenticator Management
- ID:
/frameworks/nist-sp-800-53-r5/ia/05 - Located in: 💼 IA Identification And Authentication
Description
Manage system authenticators by: a. Verifying, as part of the initial authenticator distribution, the identity of the individual, group, role, service, or device receiving the authenticator; b. Establishing initial authenticator content for any authenticators issued by the organization; c. Ensuring that authenticators have sufficient strength of mechanism for their intended use; d. Establishing and implementing administrative procedures for initial authenticator distribution, for lost or compromised or damaged authenticators, and for revoking authenticators; e. Changing default authenticators prior to first use; f. Changing or refreshing authenticators [Assignment: organization-defined time period by authenticator type] or when [Assignment: organization-defined events] occur; g. Protecting authenticator content from unauthorized disclosure and modification; h. Requiring individuals to take, and having devices implement, specific controls to protect authenticators; and i. Changing authenticators for group or role accounts when membership to those accounts changes.
Similar
- Sections
/frameworks/aws-fsbp-v1.0.0/dms/10/frameworks/aws-fsbp-v1.0.0/dms/11/frameworks/aws-fsbp-v1.0.0/transfer-family/02
- Internal
- ID:
dec-c-42a21b57
- ID:
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 IA-5 Authenticator Management (L)(M)(H) | 6 | 14 | 32 | |
| 💼 FedRAMP Low Security Controls → 💼 IA-5 Authenticator Management (L)(M)(H) | 1 | 32 | ||
| 💼 NIST CSF v2.0 → 💼 PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization | 38 | |||
| 💼 NIST CSF v2.0 → 💼 PR.AA-03: Users, services, and hardware are authenticated | 32 |