IA-11

  • Requirement

    Require users to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].

  • Discussion

    In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

More Info

  • Title

    Re-authentication

  • Family

    Identification and Authentication

  • Related NIST 800-53 ID

    AC-3;AC-11;IA-2;IA-3;IA-4;IA-8

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!

Learn More