CCI-001020

The organization protects and controls organization-defined types of information system media during transport outside of controlled areas using organization-defined security safeguards.

Implementation Guidance

The organization being inspected/assessed protects and controls information system media during transport outside of controlled areas using security measures defined in DoDM 5200.01 M Vol. 1-4 and DoDD 5015.2.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the organization's records management policy or process to ensure appropriate protection of information according to its classification or designation during transport outside of controlled areas, IAW security measures defined in DoDM 5200.01 M Vol. 1-4 and DoDD 5015.2.

Compelling Evidence

1.) Signed and dated Records Management Policy, including guidelines to protect information system media during transport outside controlled areas IAW the classification level of the information stored within the information system media.

The controls below (if any) were marked by NIST as being related to CCI-001020.