NIST 800-53 REV 5 • IDENTIFICATION AND AUTHENTICATION

IA-5(3)In-person or Trusted External Party Registration

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement requires in-person or trusted third-party registration when issuing authenticators — verifying identity before handing out credentials.

Example 1: Require new employees to register their MFA device (phone or hardware token) in person at the IT service desk after showing their employee badge and photo ID.

Example 2: For remote employees, use a trusted HR representative at the employee's location to verify identity via video call before the IT team activates their credentials.

More Identification and Authentication Controls

IA-1 Policy and Procedures IA-2 Identification and Authentication (Organizational Users) IA-2(1) Multi-factor Authentication to Privileged Accounts IA-2(2) Multi-factor Authentication to Non-privileged Accounts