PR.AA-01—Identities and credentials for authorized users, services, and hardware are managed by the organization
>Control Description
This identity management, authentication, and access control subcategory ensures that identities and credentials for authorized users, services, and hardware are managed by the organization. Key activities include: Initiate requests for new access or additional access for employees, contractors, and others, and track, review, and fulfill the requests, with per...; Issue, manage, and revoke cryptographic certificates and identity tokens, cryptographic keys (i; Select a unique identifier for each device from immutable hardware characteristics or an identifier securely provisioned to the device.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkPCI DSS v4.0.1
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CEK-01
CEK-10
CEK-11
CEK-12
CEK-13
CEK-14
CEK-15
CEK-16
+16 more
CIS Controls v8.0
5.1
6.7
CIS Controls v8.1
5.1
5.6
6.7
CRI Profile v2.0
PR.AA-01
PR.AA-01.01
PR.AA-01.02
CSF v1.1
PR.AC-1
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.15
Annex A Controls: 5.18
Annex A Controls: 8.2
Annex A Controls: 8.5
NICE Framework
DD-WRL-001
IO-WRL-003
IO-WRL-005
OG-WRL-013
OG-WRL-014
PD-WRL-004
PCI DSS
8.2.1
8.6.2
8.6.3
3.6.1
3.6.1.1
3.6.1.2
3.6.1.3
3.6.1.4
+2 more
SCF
IAC-02
IAC-03
IAC-04
IAC-05
SP 800-171 Rev 3
03.01.01
03.05.01
03.05.02
03.05.03
03.05.04
03.05.05
03.05.07
03.05.11
+2 more
SP 800-53 Rev 5.1.1
AC-01
AC-02
AC-14
IA-01
IA-02
IA-03
IA-04
IA-05
+6 more
SP 800-53 Rev 5.2.0
AC-01
AC-02
AC-14
IA-01
IA-02
IA-03
IA-04
IA-05
+6 more
Ask AI
Configure your API key to use AI features.