PR.AA-04—Identity assertions are protected, conveyed, and verified
>Control Description
This identity management, authentication, and access control subcategory ensures that identity assertions are protected, conveyed, and verified. Key activities include: Protect identity assertions that are used to convey authentication and user information through single sign-on systems; Protect identity assertions that are used to convey authentication and user information between federated systems; Implement standards-based approaches for identity assertions in all contexts, and follow all guidance for the generation (e.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept Crosswalk
PCI DSS v4.0.1
via NIST OLIR Catalog
ISO 27001:2022
via NIST OLIR Catalog
>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
IAM-01
IAM-03
IAM-16
CRI Profile v2.0
PR.AA-04
PR.AA-04.01
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.16
NICE Framework
DD-WRL-001
IO-WRL-002
IO-WRL-003
IO-WRL-005
OG-WRL-013
OG-WRL-014
PD-WRL-004
PCI DSS
12.3.3
3.6.1
3.6.1.1
3.6.1.2
3.6.1.3
3.6.1.4
4.2.1
SCF
IAC-01.2
IAC-02.2
SP 800-53 Rev 5.1.1
IA-13
SP 800-53 Rev 5.2.0
IA-13