NIST 800-53 IA-12 Mappings

Identity proofing is the process of collecting, validating, and verifying a user’s identity information for the purposes of establishing credentials for accessing a system. Identity proofing is intended to mitigate threats to the registration of users and the establishment of their accounts. Standards and guidelines specifying identity assurance levels for identity proofing include SP 800-63-3 and SP 800-63A. Organizations may be subject to laws, executive orders, directives, regulations, or policies that address the collection of identity evidence. Organizational personnel consult with the senior agency official for privacy and legal counsel regarding such requirements.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
IA-12 Identity Proofing Protects T1078.002 Domain Accounts
IA-12 Identity Proofing Protects T1078.003 Local Accounts
IA-12 Identity Proofing Protects T1078 Valid Accounts
IA-12 Identity Proofing Protects T1078.004 Cloud Accounts