Organizational MFA Options and Reauthentication duration

Looking here (Mandatory Two-Factor Authentication • Asana Product Guide), I am working on making MFA mandatory for my company’s employees. I am trying to understand what options exist for the requirement and configuration.

  1. How often will users be prompted to reauthenticate with their MFA options?
  2. Can this duration be changed?
  3. What other controls will we have access to?