IA-5(16): In-person or Trusted External Party Authenticator Issuance

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

Require that the issuance of [Assignment: organization-defined types of and/or specific authenticators] be conducted [Assignment: in person, by a trusted external party] before [Assignment: organization-defined registration authority] with authorization by [Assignment: organization-defined personnel or roles].

Supplemental Guidance

Issuing authenticators in person or by a trusted external party enhances and reinforces the trustworthiness of the identity proofing process.