IA-11: Re-Authentication

Control Family:

Identification And Authentication

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

PR.AC-1
PR.AC-7

PF v1.0 References:

PR.AC-P1
PR.AC-P6

Threats Addressed:

Spoofing
Repudiation

Baselines:

Low
N/A
Moderate
N/A
High
N/A

Next Version:

NIST Special Publication 800-53 Revision 5:
IA-11: Re-authentication

Control Statement

The organization requires users and devices to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].

Supplemental Guidance

In addition to the re-authentication requirements associated with session locks, organizations may require re-authentication of individuals and/or devices in other situations including, for example: (i) when authenticators change; (ii), when roles change; (iii) when security categories of information systems change; (iv), when the execution of privileged functions occurs; (v) after a fixed period of time; or (vi) periodically.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 4

Critical Security Controls Version 7.1