Identification and Authentication (Non-Organizational Users) | IA-8

Description

  • Non-organizational users must be uniquely identified and authenticated before access is granted to an information resource as detailed in control AC-2.
  • As specified in control AC-14, public websites, information kiosks and other situations where risk analysis demonstrates no need for individual accountability of users are exempt.

Last updated: 5/13/2026

Contact Hours or Questions?

Information on Tech Support