STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

IA-2 (12)

Identification and AuthenticationRev 5system

Identification and Authentication (Organizational Users)

Baselines:LowModerateHigh

Control Statement

Accept and electronically verify Personal Identity Verification-compliant credentials.

Supplemental Guidance

Acceptance of Personal Identity Verification (PIV)-compliant credentials applies to organizations implementing logical access control and physical access control systems. PIV-compliant credentials are those credentials issued by federal agencies that conform to FIPS Publication 201 and supporting guidance documents. The adequacy and reliability of PIV card issuers are authorized using [SP 800-79-2](#10963761-58fc-4b20-b3d6-b44a54daba03) . Acceptance of PIV-compliant credentials includes derived PIV credentials, the use of which is addressed in [SP 800-166](#e8552d48-cf41-40aa-8b06-f45f7fb4706c) . The DOD Common Access Card (CAC) is an example of a PIV credential.

CCI Identifiers (2)

CCI-001954Electronically verify Personal Identity Verification-compliant credentials.CCI-001953Accept Personal Identity Verification-compliant credentials.

Linked STIG Checks (113)

Across 72 STIGs. Click to expand.