NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION

IA-4(6)Cross-organization Management

Coordinate with the following external organizations for cross-organization management of identifiers: {{ insert: param, ia-04.06_odp }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Cross-organization identifier management provides the capability to identify individuals, groups, roles, or devices when conducting cross-organization activities involving the processing, storage, or transmission of information.

Practitioner Notes

This enhancement requires coordination of identifier management across organizations — when you work with partners or agencies, identifiers need to be managed consistently.

Example 1: Use Azure AD B2B collaboration to manage external partner identities in your directory, maintaining a clear record of which external organization each user belongs to.

Example 2: Establish a federation trust with partner organizations using SAML so their users can authenticate with their home organization's credentials while you maintain control over authorization.

More Identification and Authentication Controls

IA-1 Policy and Procedures IA-2 Identification and Authentication (Organizational Users) IA-2(1) Multi-factor Authentication to Privileged Accounts IA-2(2) Multi-factor Authentication to Non-privileged Accounts