CCI-004107

Implementation Guidance

Determine if externally proofed identities are accepted [IA-12(06)_ODP; an identity assurance level for accepting externally proofed identities is defined].

Validation Procedures

Examine: [SELECT FROM: Identification and authentication policy; procedures addressing identity proofing; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with system operations responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers; organizational personnel with identification and authentication responsibilities]. Test: [SELECT FROM: Mechanisms supporting and/or implementing identification and authentication capabilities].