NIST 800-53 REV 5 • AUDIT AND ACCOUNTABILITY

AU-10(1) Association of Identities

(a) Bind the identity of the information producer with the information to [Assignment: organization-defined strength of binding]; and (b) provide the means for authorized individuals to determine the identity of the producer of the information.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Binding identities to the information supports audit requirements that provide organizational personnel with the means to identify who produced specific information in the event of an information transfer. Organizations determine and approve the strength of attribute binding between the information producer and the information based on the security category of the information and other relevant risk factors.

Practitioner Notes

Bind the identity of the person performing the action to the audit record. The system must be able to prove not just that an action occurred, but exactly who did it.

Example 1: Enforce individual accounts (no shared accounts) and require MFA for authentication. When the audit log records an action by john.smith@company.com, the MFA verification provides strong assurance that it was actually John — not someone who guessed his password.

Example 2: For high-assurance environments, require PKI certificate-based authentication (CAC/PIV cards). The certificate cryptographically binds the user's identity to their session. Configure Windows logon to require smart card authentication by setting the GPO security option "Interactive logon: Require smart card" to Enabled.
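
The following sketch shows both halves of the control in one place; it is an added example, not part of NIST 800-53 or of any product's code. It assumes a hypothetical audit service that holds `LOG_KEY`, a hypothetical list of shared account names, and a hypothetical three-level binding-strength scale. The HMAC only protects the record against later alteration; a signature made with the producer's own certificate would be the stronger binding.

```python
import hashlib
import hmac
import json

# All values below are constructed for illustration.
LOG_KEY = b"constructed-demo-key"  # assumption: held by the audit service, never by producers
SHARED_ACCOUNTS = {"admin", "helpdesk", "svc-shared"}  # hypothetical shared/generic names
BINDING_STRENGTH = {"password": 1, "mfa": 2, "piv_certificate": 3}  # hypothetical scale
FIELDS = ("producer", "auth_method", "sha256")


def _mac(record):
    """HMAC over the bound fields so a later edit to the producer is detectable."""
    body = json.dumps({k: record[k] for k in FIELDS}, sort_keys=True).encode()
    return hmac.new(LOG_KEY, body, hashlib.sha256).hexdigest()


def bind_producer(content, producer, auth_method, min_strength=2):
    """Return an audit record binding an individual producer to the content digest."""
    if producer.split("@")[0].lower() in SHARED_ACCOUNTS:
        raise ValueError(f"{producer!r} is a shared account, not an individual")
    if BINDING_STRENGTH.get(auth_method, 0) < min_strength:
        raise ValueError(f"{auth_method!r} is below the approved binding strength")
    record = {"producer": producer, "auth_method": auth_method,
              "sha256": hashlib.sha256(content).hexdigest()}
    record["mac"] = _mac(record)
    return record


def identify_producer(content, records):
    """Reviewer lookup: who produced this content? None if unknown or record altered."""
    digest = hashlib.sha256(content).hexdigest()
    for rec in records:
        if rec["sha256"] == digest and hmac.compare_digest(rec["mac"], _mac(rec)):
            return rec["producer"]
    return None


if __name__ == "__main__":
    log = [bind_producer(b"Q3 export", "john.smith@company.com", "piv_certificate")]
    print(identify_producer(b"Q3 export", log))
```

Raising `min_strength` to 3 models an organization that approves only certificate-based binding for a higher security category.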