assurance - [Assurance] RE: Bronze/Silver/other Account Populations?
Subject: Assurance
List archive
- From: "Jones, Mark B" <>
- To: "" <>
- Subject: [Assurance] RE: Bronze/Silver/other Account Populations?
- Date: Tue, 9 Oct 2012 13:13:48 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
Our plan will be to certify our entire population at the Silver IAP. Though the policies that must be put in place for this are not always popular Silver sets the bar relatively low. OMB 0404 describes the LOA that maps to Silver as having only some confidence in the validity of the identity, and these are the accounts we use to access our most valuable systems and data. Aside from the clear risk justification, we have a state law that requires that we know who is accessing our non-public IT resources. We think LoA 2 or above is required to claim compliance. From: [mailto:] On Behalf Of Russell J Yount What goals have institutions set for Bronze or Silver certification of their user populations? Is your institution planning to have all accounts certified for one IAP or certify only some accounts for each IAP? What was the rationale behind the decision? -Russ Russell J. Yount <> Identity Services, Carnegie Mellon University |
- [Assurance] Bronze/Silver/other Account Populations?, Russell J Yount, 10/09/2012
- [Assurance] RE: Bronze/Silver/other Account Populations?, Dunker, Mary, 10/09/2012
- [Assurance] RE: Bronze/Silver/other Account Populations?, Curry, Warren, 10/17/2012
- [Assurance] RE: Bronze/Silver/other Account Populations?, Jones, Mark B, 10/09/2012
- [Assurance] RE: Bronze/Silver/other Account Populations?, Farmer, Jacob, 10/17/2012
- Re: [Assurance] Bronze/Silver/other Account Populations?, Gary Chapman, 10/18/2012
- Re: [Assurance] Bronze/Silver/other Account Populations?, Chamberlin, Dedra, 10/19/2012
- RE: [Assurance] Bronze/Silver/other Account Populations?, Jones, Mark B, 10/19/2012
- [Assurance] RE: Bronze/Silver/other Account Populations?, Dunker, Mary, 10/09/2012
Archive powered by MHonArc 2.6.16.