IAC-10.14 ยท Passkeys

Control Description

Mechanisms exist to utilize passkeys, or equivalent cryptographic key pairing technologies, to authenticate users to Technology Assets, Applications and/or Services (TAAS).

Control Question
Assessment question for control validation

Does the organization utilize passkeys, or equivalent cryptographic key pairing technologies, to authenticate users to Technology Assets, Applications and/or Services (TAAS)?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 3 - Tactical
Errata & Additional Notes

- new control