Overview:
The information system accepts and electronically verifies Personal Identity Verification (PIV) credentials.
Supplemental Guidance:
This control enhancement applies to organizations implementing logical access control systems (LACS) and physical access control systems (PACS). Personal Identity Verification (PIV) credentials are those credentials issued by federal agencies that conform to FIPS Publication 201 and supporting guidance documents. OMB Memorandum 11-11 requires federal agencies to continue implementing the requirements specified in HSPD-12 to enable agency-wide use of PIV credentials.
Related controls: AU-2, PE-3, SA-4.
Action Items:
1) The information system accepts and electronically verifies Personal Identity Verification (PIV) credentials
Related Documents:
1) Identity and Access Management Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
IA-2 (12) Guidance: Include Common Access Card (CAC), i.e., the DoD technical implementation of PIV/FIPS 201/HSPD-12.
Article ID: 698
Created: September 30, 2022
Last Updated: September 30, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/acceptance-of-piv-credentials-ia-2-12-698.html