| Control number | Control name | Assessment methods | Notes and guidance documents | SP 800-53A guidance |
| IA-1 | Identification and authentication policy and procedures | Review all organizational identification and authorization (IA) policies. Identify the organizational frequencies for updating the IA policies and procedures. Discuss implementation with System Owner and Security Officer. | FIPS-190, FIPS-201, SP 800-12, SP 800-63, SP 800-73, SP 800-76, SP 800-78, OMB M04-04 | Examine: Identification and authentication policy and procedures; other relevant documents or records. Interview: Organizational personnel with identification and authentication responsibilities; organizational personnel with information security responsibilities. |
| IA-2 | Identification ... |
Get Security Controls Evaluation, Testing, and Assessment Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
