STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

IA-4

Identification and AuthenticationRev 5organization

Identifier Management

Baselines:LowModerateHigh

Control Statement

Manage system identifiers by:

Supplemental Guidance

Common device identifiers include Media Access Control (MAC) addresses, Internet Protocol (IP) addresses, or device-unique token identifiers. The management of individual identifiers is not applicable to shared system accounts. Typically, individual identifiers are the usernames of the system accounts assigned to those individuals. In such instances, the account management activities of [AC-2](#ac-2) use account names provided by [IA-4](#ia-4) . Identifier management also addresses individual identifiers not necessarily associated with system accounts. Preventing the reuse of identifiers implies preventing the assignment of previously used individual, group, role, service, or device identifiers to different individuals, groups, roles, services, or devices.

Related Controls (17)

AC-5IA-2IA-3IA-5IA-8IA-9IA-12MA-4PE-2PE-3PE-4PL-4PM-12PS-3PS-4PS-5SC-37

CCI Identifiers (18)

CCI-000792The organization manages information system identifiers for users and devices by preventing reuse of user identifiers for an organization-defined time period.CCI-000793The organization manages information system identifiers for users and devices by preventing reuse of device identifiers for an organization-defined time period.CCI-000794The organization defines a time period of inactivity after which the identifier is disabled.CCI-000795The organization manages information system identifiers by disabling the identifier after an organization-defined time period of inactivity.CCI-000789The organization manages information system identifiers for users and devices by assigning the device identifier to the intended device.CCI-000790The organization defines a time period for which the reuse of user identifiers is prohibited.CCI-000791The organization defines a time period for which the reuse of device identifiers is prohibited.CCI-000784The organization manages information system identifiers for users and devices by receiving authorization from a designated organizational official to assign a user identifier.

Linked STIG Checks (43)

Across 42 STIGs. Click to expand.

CCI-000785The organization manages information system identifiers for users and devices by receiving authorization from a designated organizational official to assign a device identifier.
CCI-000786The organization manages information system identifiers for users and devices by selecting an identifier that uniquely identifies an individual.
CCI-000787The organization manages information system identifiers for users and devices by selecting an identifier that uniquely identifies a device.
CCI-000788The organization manages information system identifiers for users and devices by assigning the user identifier to the intended party.
CCI-001970Defines the personnel or roles that authorize the assignment of individual, group, role, and device identifiers.
CCI-001971Manage system identifiers by receiving authorization from organization-defined personnel or roles to assign an individual, group, role, or device identifier.
CCI-001972Manage system identifiers by selecting an identifier that identifies an individual, group, role, or device.
CCI-001973Manage system identifiers by assigning the identifier to the intended individual, group, role, or device.
CCI-001974Defines the time period for which the reuse of identifiers is prohibited.
CCI-001975Manage system identifiers by preventing reuse of identifiers for an organization-defined time period.