The organization employs only FICAM-approved information system components in [Assignment:
organization-defined information systems] to accept third-party credentials.
Not appropriate for DoD to define for all CSP's infrastructure or service offerings
DoD RMF TAG
This control enhancement typically applies to information systems that are accessible to the general public, for example, public-facing websites. FICAM-approved information system components include, for example, information technology products and software libraries that have been approved by the Federal Identity, Credential, and Access Management conformance program.