IA-8.2: Acceptance of External Authenticators

only external authenticators that are NIST-compliant are accepted;

Identification and authentication policy

system security plan

procedures addressing user identification and authentication

system design documentation

system configuration settings and associated documentation

system audit records

list of third-party credentialing products, components, or services procured and implemented by organization

third-party credential verification records

evidence of third-party credentials

third-party credential authorizations

other relevant documents or records

Organizational personnel with system operations responsibilities

organizational personnel with information security responsibilities

system/network administrators

system developers

organizational personnel with account management responsibilities

Mechanisms supporting and/or implementing identification and authentication capabilities

mechanisms that accept external credentials