IA-11: Re-authentication

Control Family:

Identification and Authentication

CSF v1.1 References:

PR.AC-1
PR.AC-7

PF v1.0 References:

PR.AC-P1
PR.AC-P6

Threats Addressed:

Spoofing
Repudiation

Baselines:

Low
- IA-11
Moderate
- IA-11
High
- IA-11
Privacy
N/A

Previous Version:

NIST Special Publication 800-53 Revision 4:
IA-11: Re-Authentication

Control Statement

Require users to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].

Supplemental Guidance

In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5

Critical Security Controls Version 7.1