CCI-001027

The information system implements cryptographic mechanisms to protect the confidentiality and integrity of information stored on digital media during transport outside of controlled areas.

Implementation Guidance

The organization being inspected/assessed shall document within their Security Plan, and implement, FIPS 140-2 or other NSA approved cryptographic mechanisms to protect the confidentiality and integrity of information stored on digital media during transport outside of controlled areas.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the Security Plan to ensure the organization being inspected has identified FIPS 140-2 or other NSA approved cryptographic mechanisms to protect the confidentiality and integrity of information stored on digital media during transport outside of controlled areas.

Compelling Evidence

1.) Documentation or System Security Plan (SSP) that shows the organization has implemented cryptographic mechanisms to protect the confidentiality and integrity of information stored on digital media during transport outside of controlled areas. 2.) Training documentation for personnel on the guidelines of transporting information system media.

The controls below (if any) were marked by NIST as being related to CCI-001027.