>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IA-5Authenticator Management

>Control Description

Manage system authenticators by: a. Verifying, as part of the initial authenticator distribution, the identity of the individual, group, role, service, or device receiving the authenticator;3 b. Establishing initial authenticator content for any authenticators issued by the organization; c. Ensuring that authenticators have sufficient strength of mechanism for their intended use;3 d. Establishing and implementing administrative procedures for initial authenticator distribution, for lost or compromised or damaged authenticators, and for revoking authenticators; e. Changing default authenticators prior to first use; f. Changing or refreshing authenticators annually or when there is evidence of authenticator compromise; g. Protecting authenticator content from unauthorized disclosure and modification; h. Requiring individuals to take, and having devices implement, specific controls to protect authenticators; and3 i. Changing authenticators for group or role accounts when membership to those accounts changes.3 j. AAL2 Specific Requirements

>Cross-Framework Mappings

SCF

CFG-02
Compare
IAC-10
Compare
IAC-10.1
Compare
IAC-10.5
Compare
IAC-10.8
Compare

Ask AI

Configure your API key to use AI features.