IA-5 (5)
IA-5 (5) Description
The organization requires developers/installers of information system components to provide unique authenticators or change default authenticators prior to delivery/installation.
Supplemental
This control enhancement extends the requirement for organizations to change default authenticators upon information system installation, by requiring developers and/or installers to provide unique authenticators or change default authenticators for system components prior to delivery and/or installation. However, it typically does not apply to the developers of commercial off-the-shelve information technology products. Requirements for unique authenticators can be included in acquisition documents prepared by organizations when procuring information systems or system components.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | unknown |
Availability | unknown |
Overlays |
---|
Cross Domain (Access), Cross Domain (Multilevel), Cross Domain (Transfer), NC3 |