
IA-12 Identity Proofing

IL4 Mod
IL4 High
IL5
IL6

Control Description

a. Identity proof users that require accounts for logical access to systems based on appropriate identity assurance level requirements as specified in applicable standards and guidelines;

b. Resolve user identities to a unique individual; and

c. Collect, validate, and verify identity evidence.

DoD Impact Level Requirements

Additional Requirements and Guidance

IA-12 Additional FedRAMP Requirements and Guidance: Guidance: In accordance with NIST SP 800-63A Enrollment and Identity Proofing

Discussion

Identity proofing is the process of collecting, validating, and verifying a user's identity information for the purposes of establishing credentials for accessing a system. Identity proofing is intended to mitigate threats to the registration of users and the establishment of their accounts. Standards and guidelines specifying identity assurance levels for identity proofing include SP 800-63-3 and SP 800-63A.

Organizations may be subject to laws, executive orders, directives, regulations, or policies that address the collection of identity evidence. Organizational personnel consult with the senior agency official for privacy and legal counsel regarding such requirements.

Programmatic Queries

Related Services

AWS IAM Identity Center
Amazon Cognito
AWS IAM

CLI Commands

List identity store users with verification status:
    aws identitystore list-users --identity-store-id STORE_ID

Get user details for identity proofing verification:
    aws identitystore describe-user --identity-store-id STORE_ID --user-id USER_ID

List Cognito user pools with MFA configuration:
    aws cognito-idp list-user-pools --max-results 20

Get MFA configuration for user pool:
    aws cognito-idp get-user-pool-mfa-config --user-pool-id POOL_ID
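
The two Cognito commands above can be chained into a single evidence report. The script below is an added example, not part of the original page; the function names and the rule that any setting other than ON deserves follow-up are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): gather Cognito MFA settings
# as evidence, using the two cognito-idp commands listed above together
# with the AWS CLI's global --query and --output options.

# Print one line per user pool: "<pool-id> <MfaConfiguration>".
# MfaConfiguration is ON, OPTIONAL or OFF; ERROR marks a failed lookup.
pool_mfa_report() {
    # Same call as on the page; it asks for at most 20 pools.
    pool_ids=$(aws cognito-idp list-user-pools --max-results 20 \
        --query 'UserPools[].Id' --output text) || return 1
    for pool_id in $pool_ids; do
        mfa=$(aws cognito-idp get-user-pool-mfa-config \
            --user-pool-id "$pool_id" \
            --query 'MfaConfiguration' --output text) || mfa="ERROR"
        printf '%s %s\n' "$pool_id" "$mfa"
    done
}

# Print the IDs of pools where MFA is not enforced for every user.
# Assumption: anything other than ON is worth an assessor's follow-up.
pools_without_enforced_mfa() {
    pool_mfa_report | while read -r pool_id mfa; do
        [ "$mfa" = "ON" ] || printf '%s\n' "$pool_id"
    done
}

# Run as: ./script.sh report   (requires configured AWS credentials)
if [ "${1:-}" = "report" ]; then
    pool_mfa_report
fi
```

Saving the report output with a timestamp gives a dated artifact that can be attached to an assessment package.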

Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What formal policies and procedures govern the implementation of IA-12 (Identity Proofing)?
  • Who are the designated roles responsible for implementing, maintaining, and monitoring IA-12?
  • How frequently is the IA-12 policy reviewed and updated, and what triggers policy changes?
  • What governance structure ensures IA-12 requirements are consistently applied across all systems?

Technical Implementation:

  • Describe the specific technical mechanisms or controls used to enforce IA-12 requirements.
  • What automated tools, systems, or technologies are deployed to implement IA-12?
  • How is IA-12 integrated into your system architecture and overall security posture?
  • What configuration settings, parameters, or technical specifications enforce IA-12 requirements?

Evidence & Documentation:

  • What documentation demonstrates the complete implementation of IA-12?
  • What audit logs, records, reports, or monitoring data validate IA-12 compliance?
  • Can you provide evidence of periodic reviews, assessments, or testing of IA-12 effectiveness?
  • What artifacts would you present during a FedRAMP assessment to demonstrate IA-12 compliance?
