Navigate

CCI-002005

CCI-002005 Definition

For biometric-based authentication, employ mechanisms that satisfy organization-defined biometric quality requirements.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if mechanisms that satisfy [IA-05(12)_ODP; biometric quality requirements for biometric-based authentication are defined] are employed for biometric-based authentication.

Validation Procedures

Examine: [SELECT FROM: Identification and authentication policy; procedures addressing authenticator management; system security plan; system design documentation; mechanisms employing biometric-based authentication for the system; list of biometric quality requirements; system configuration settings and associated documentation; system audit records; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with authenticator management responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers]. Test: [SELECT FROM: Mechanisms supporting and/or implementing biometric-based authenticator management capability].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002005.

Control	Description
IA-5(12)	For biometric-based authentication, employ mechanisms that satisfy the following biometric quality requirements [biometric quality requirements for biometric-based authentication are defined;].