IAC-06—Multi-Factor Authentication (MFA)
Weight: 9
>Control Description
Automated mechanisms exist to enforce Multi-Factor Authentication (MFA) for:
(1) Remote network access;
(2) Third-party Technology Assets, Applications and/or Services (TAAS); and/ or
(3) Non-console access to critical TAAS that store, transmit and/or process sensitive/regulated data.
>Cross-Framework Mappings
CMMC v2.0
Canada ITSP 10.171
Australia ISM
ISM-0974
CompareISM-1173
CompareISM-1401
CompareISM-1504
CompareISM-1505
CompareISM-1559
CompareISM-1560
CompareISM-1561
CompareISM-1679
CompareISM-1680
CompareISM-1681
CompareISM-1682
CompareISM-1683
CompareISM-1685
CompareISM-1872
CompareISM-1873
CompareISM-1874
CompareISM-1892
CompareISM-1893
CompareISM-1894
CompareISM-1919
CompareISM-1920
CompareSOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
NIST SP 800-207 Zero Trust
DHS TIC 3.0
GLBA (16 CFR 314)
NERC CIP
NY DFS 23 NYCRR 500
Ask AI
Configure your API key to use AI features.