IA — Identification and Authentication
37 controls in the Identification and Authentication family
IA-1Policy and Procedures
IL4 ModIL4 HighIL5IL6
IA-2Identification and Authentication (organizational Users)
IL4 ModIL4 HighIL5IL6
IA-2(1)Identification and Authentication (organizational Users) | Multi-factor Authentication to Privileged Accounts
IL4 ModIL4 HighIL5IL6
IA-2(2)Identification and Authentication (organizational Users) | Multi-factor Authentication to Non-privileged Accounts
IL4 ModIL4 HighIL5IL6
IA-2(5)Identification and Authentication (organizational Users) | Individual Authentication with Group Authentication
IL4 ModIL4 HighIL5IL6
IA-2(6)Identification and Authentication (organizational Users) | Access to Accounts --separate Device
IL4 ModIL4 HighIL5IL6
IA-2(8)Identification and Authentication (organizational Users) | Access to Accounts -- Replay Resistant
IL4 ModIL4 HighIL5IL6
IA-2(12)Identification and Authentication (organizational Users) | Acceptance of PIV Credentials
IL4 ModIL4 HighIL5IL6
IA-3Device Identification and Authentication
IL4 ModIL4 HighIL5IL6
IA-3(1)Device Identification and Authentication | Cryptographic Bidirectional Authentication
IL5IL6
IA-4Identifier Management
IL4 ModIL4 HighIL5IL6
IA-4(4)Identifier Management | Identify User Status
IL4 ModIL4 HighIL5IL6
IA-4(9)Identifier Management | Attribute Maintenance and Protection
IL5IL6
IA-5Authenticator Management
IL4 ModIL4 HighIL5IL6
IA-5(1)Authenticator Management | Password-based Authentication
IL4 ModIL4 HighIL5IL6
IA-5(2)Authenticator Management | Public Key-based Authentication
IL4 ModIL4 HighIL5IL6
IA-5(6)Authenticator Management | Protection of Authenticators
IL4 ModIL4 HighIL5IL6
IA-5(7)Authenticator Management | No Embedded Unencrypted Static Authenticators
IL4 ModIL4 HighIL5IL6
IA-5(8)Authenticator Management | Multiple System Accounts
IL4 HighIL5IL6
IA-5(13)Authenticator Management | Expiration of Cached Authenticators
IL4 HighIL5IL6
IA-5(14)Authenticator Management | Managing Content of PKI Trust Stores
IL5IL6
IA-5(16)Authenticator Management | In-person or Trusted External Party Authenticator Issuance
IL5IL6
IA-6Authentication Feedback
IL4 ModIL4 HighIL5IL6
IA-7Cryptographic Module Authentication
IL4 ModIL4 HighIL5IL6
IA-8Identification and Authentication (non-organizational Users)
IL4 ModIL4 HighIL5IL6
IA-8(1)Identification and Authentication (non-organizational Users) | Acceptance of PIV Credentials from Other Agencies
IL4 ModIL4 HighIL5IL6
IA-8(2)Identification and Authentication (non-organizational Users) | Acceptance of External Authenticators
IL4 ModIL4 HighIL5IL6
IA-8(4)Identification and Authentication (non-organizational Users) | Use of Defined Profiles
IL4 ModIL4 HighIL5IL6
IA-9Service Identification and Authentication
IL5IL6
IA-10Adaptive Authentication
IL5IL6
IA-11Re-authentication
IL4 ModIL4 HighIL5IL6
IA-12Identity Proofing
IL4 ModIL4 HighIL5IL6
IA-12(1)Identity Proofing | Supervisor Authorization
IL5IL6
IA-12(2)Identity Proofing | Identity Evidence
IL4 ModIL4 HighIL5IL6
IA-12(3)Identity Proofing | Identity Evidence Validation and Verification
IL4 ModIL4 HighIL5IL6
IA-12(4)Identity Proofing | In-person Validation and Verification
IL4 HighIL5IL6
IA-12(5)Identity Proofing | Address Confirmation
IL4 ModIL4 HighIL5IL6