Identification and Authentication Policy and Procedures (IA-1)

Identification, Authentication, and Authorization are controls to facilitate access and to protect university information resources and data.

Identification and Authentication (Organizational Users) (IA-2)

The capability for information resources to uniquely identify and authenticate university faculty, staff, students, and other approved users.

Identifier Management (IA-4)

Identifiers are managed by receiving appropriate authorization to initially assign a user, selecting a unique identifier, preventing the reuse of identifiers, and disabling the user identifier after a period of inactivity or change in job status.

Authenticator Management (IA-5)

User authentication is a means to control who has access to university information resources. The confidentiality, integrity, and availability of information can be lost when access is gained by a non-authorized entity. This, in turn, may result in negative impacts such as loss of revenue, liability, loss of trust, or embarrassment to the university. This Control establishes procedures for the creation, distribution, safeguarding and termination of university user password authentication mechanisms.