Logo

CISOBot - Your AI CISO Assistant

IAC-28

Identity Proofing (Identity Verification)

Weight: 10/10
Description

Mechanisms exist to verify the identity of a user before issuing authenticators or modifying access permissions.

Control Question

Does the organization verify the identity of a user before issuing authenticators or modifying access permissions?

Control Metadata
Domain:

Identification & Authentication

Validation Cadence:

Annual

Evidence Request List:

E-IAM-02 E-IAM-05 E-IAM-06 E-HRS-18

Have questions about this control?

Ask CISOBot for implementation guidance and best practices