Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
OSCAL
OSCAL Profiles
FedRAMP Rev 5 Low Baseline
IA
IA: Identification and Authentication
An OSCAL Group
Details
Subcontrols
16
IA-1 - Policy and Procedures
IA-2 - Identification and Authentication (Organizational Users)
4 Subcontrols
IA-2.1 - Multi-factor Authentication to Privileged Accounts
IA-2.2 - Multi-factor Authentication to Non-privileged Accounts
IA-2.8 - Access to Accounts — Replay Resistant
IA-2.12 - Acceptance of PIV Credentials
IA-4 - Identifier Management
IA-5 - Authenticator Management
1 Subcontrol
IA-5.1 - Password-based Authentication
IA-6 - Authentication Feedback
IA-7 - Cryptographic Module Authentication
IA-8 - Identification and Authentication (Non-organizational Users)
3 Subcontrols
IA-8.1 - Acceptance of PIV Credentials from Other Agencies
IA-8.2 - Acceptance of External Authenticators
IA-8.4 - Use of Defined Profiles
IA-11 - Re-authentication