CCI-001046
CCI-001046 Definition
Document the security categorization results including supporting rationale in the security plan for the system.
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if the security categorization results, including supporting rationale, are documented in the security plan for the system.
Validation Procedures
Examine: [SELECT FROM: Risk assessment policy; security planning policy and procedures; procedures addressing security categorization of organizational information and systems; security categorization documentation; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with security categorization and risk assessment responsibilities; organizational personnel with security and privacy responsibilities]. Test: [SELECT FROM: Organizational processes for security categorization].