← Back to catalog
IA-11

Re-authentication

Identification and Authentication (IA)
Baselines
Low · IncludedModerate · IncludedHigh · Included
Description

Require users to re-authenticate when [assignment].

Discussion

In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

Implementation guidance

No content available.

CSF 2.0 crosswalk
PR.AA-01Identities and credentials for authorized users, services, and hardware are managed by the organizationProtect
PR.AA-03Users, services, and hardware are authenticatedProtect