>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IA-5Authenticator Management

>Control Description

Manage system authenticators by: a. Verifying, as part of the initial authenticator distribution, the identity of the individual, group, role, service, or device receiving the authenticator; b. Establishing initial authenticator content for any authenticators issued by the organization; c. Ensuring that authenticators have sufficient strength of mechanism for their intended use; d. Establishing and implementing administrative procedures for initial authenticator distribution, for lost or compromised or damaged authenticators, and for revoking authenticators; e. Changing default authenticators prior to first use; f. Changing or refreshing authenticators organization-defined time period by authenticator type or when organization-defined events occur; g. Protecting authenticator content from unauthorized disclosure and modification; h. Requiring individuals to take, and having devices implement, specific controls to protect authenticators; and i. Changing authenticators for group or role accounts when membership to those accounts changes.

>Related Controls

AC-3
AC-6
CM-6
IA-2
IA-4
IA-7
IA-8
IA-9
MA-4
PE-2
PL-4
SC-12
SC-13

Ask AI

Configure your API key to use AI features.