Identification & Authentication (Organizational Users) | IA-2

Description

  • Organizational users must be uniquely identified and authenticated before access is granted to an information resource as specified in AC-2.
  • As specified in control AC-14, public websites, information kiosks and other situations where risk analysis demonstrates no need for individual accountability of users are exempt.

Last updated: 5/13/2026

Contact Hours or Questions?

Information on Tech Support