NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION

IA-4(2)Supervisor Authorization

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement requires supervisor authorization before new identifiers are issued — someone in authority must approve new account creation.

Example 1: Configure your ServiceNow new account request workflow to require the employee's direct supervisor to approve the request before the IT help desk creates the account.

Example 2: In your Active Directory account creation procedure, require a signed supervisor approval form that specifies the access level needed before an account is provisioned.

More Identification and Authentication Controls

IA-1 Policy and Procedures IA-2 Identification and Authentication (Organizational Users) IA-2(1) Multi-factor Authentication to Privileged Accounts IA-2(2) Multi-factor Authentication to Non-privileged Accounts