Require users to re-authenticate when ia-11_odp.
|ia-11_odp||circumstances or situations|
In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.
Related controls 6
- AC-03 Access Enforcement L M H P
- AC-11 Device Lock L M H P
- IA-02 Identification and Authentication (Organizational Users) L M H P
- IA-03 Device Identification and Authentication L M H P
- IA-04 Identifier Management L M H P
- IA-08 Identification and Authentication (non-organizational Users) L M H P