NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION

IA-12(6)Accept Externally-proofed Identities

Accept externally-proofed identities at {{ insert: param, ia-12.06_odp }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

To limit unnecessary re-proofing of identities, particularly of non-PIV users, organizations accept proofing conducted at a commensurate level of assurance by other agencies or organizations. Proofing is consistent with organizational security policy and the identity assurance level appropriate for the system, application, or information accessed. Accepting externally-proofed identities is a fundamental component of managing federated identities across agencies and organizations.

Practitioner Notes

This enhancement allows your organization to accept identity proofing performed by trusted external organizations — avoiding redundant proofing when someone has already been vetted.

Example 1: Accept Login.gov IAL2 identity proofing for external users rather than conducting your own identity proofing process from scratch.

Example 2: Accept identity proofing results from a partner agency that uses NIST SP 800-63A compliant processes, documented in an inter-agency agreement.

More Identification and Authentication Controls

IA-1 Policy and Procedures IA-2 Identification and Authentication (Organizational Users) IA-2(1) Multi-factor Authentication to Privileged Accounts IA-2(2) Multi-factor Authentication to Non-privileged Accounts