NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION
IA-5(9) — Federated Credential Management
Use the following external organizations to federate credentials: [Assignment: organization-defined external organizations].
Supplemental Guidance
Federation provides organizations with the capability to authenticate individuals and devices when conducting cross-organization activities involving the processing, storage, or transmission of information. Using a specific list of approved external organizations for authentication helps to ensure that those organizations are vetted and trusted.
Practitioner Notes
This enhancement addresses federated credential management — using identity federation to manage credentials across organizational boundaries.
Example 1: Implement SAML federation with partner organizations so their users authenticate with their home organization's credentials rather than you issuing and managing separate accounts.
Example 2: Use Azure AD B2B guest access to allow external collaborators to use their own organization's credentials, avoiding the need to manage external user passwords.
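Added example (not part of the NIST control text or the notes above): one way a relying service could enforce the approved list of external organizations when a SAML assertion arrives. It assumes the SAML library has already verified the assertion's signature. The organization names, entity IDs and domains are hypothetical, and the per-organization domain restriction is an added policy assumption that goes beyond the control statement.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ApprovedOrg:
    name: str
    entity_id: str      # exact SAML Issuer (entityID) registered for this organization
    domains: frozenset  # subject domains this organization may assert (assumed policy)


# Constructed sample standing in for the organization-defined list of approved
# external organizations; every value here is hypothetical.
APPROVED = (
    ApprovedOrg("Partner A", "https://idp.partner-a.example/saml",
                frozenset({"partner-a.example"})),
    ApprovedOrg("Partner B", "https://login.partner-b.example/idp",
                frozenset({"partner-b.example", "b-labs.example"})),
)
BY_ISSUER = {org.entity_id: org for org in APPROVED}


def check_federated_login(issuer: str, name_id: str):
    """Return (allowed, reason) for an assertion whose signature is already verified."""
    # Exact match only: prefix or substring matching would accept look-alike issuers.
    org = BY_ISSUER.get(issuer)
    if org is None:
        return False, "issuer not on approved list"
    local, sep, domain = name_id.rpartition("@")
    if not sep or not local or not domain:
        return False, "subject is not user@domain"
    # An approved partner may only vouch for identities in its own domains.
    if domain.lower() not in org.domains:
        return False, f"{org.name} may not assert identities for {domain.lower()}"
    return True, f"accepted from {org.name}"


if __name__ == "__main__":
    samples = [  # constructed (issuer, NameID) pairs
        ("https://idp.partner-a.example/saml", "alice@partner-a.example"),
        ("https://idp.partner-a.example/saml", "bob@partner-b.example"),
        ("https://idp.unvetted.example/saml", "eve@unvetted.example"),
    ]
    for issuer, subject in samples:
        print(issuer, subject, check_federated_login(issuer, subject))
```

Logging each rejected decision together with the issuer value gives reviewers evidence that only the listed organizations are accepted.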