zydronium/manage.get.gov

mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-03 08:22:18 +02:00

Add compliance documentation to source control (#116 )

* add initial setup of compliance-trestle

2022-09-14 08:46:43 -04:00

1.4 KiB

Raw Blame History

implementation-status

control-origination

c-not-implemented

c-inherited-cloud-gov

c-inherited-cisa

c-common-control

c-system-specific-control

ia-2.12 - [catalog] Acceptance of PIV Credentials

Control Statement

Accept and electronically verify Personal Identity Verification-compliant credentials.

Control guidance

Acceptance of Personal Identity Verification (PIV)-compliant credentials applies to organizations implementing logical access control and physical access control systems. PIV-compliant credentials are those credentials issued by federal agencies that conform to FIPS Publication 201 and supporting guidance documents. The adequacy and reliability of PIV card issuers are authorized using SP 800-79-2 . Acceptance of PIV-compliant credentials includes derived PIV credentials, the use of which is addressed in SP 800-166 . The DOD Common Access Card (CAC) is an example of a PIV credential.

Control assessment-objective

Personal Identity Verification-compliant credentials are accepted and electronically verified.

What is the solution and how is it implemented?

Add control implementation description here for control ia-2.12

1.4 KiB Raw Blame History