Navigate

CCI-001165

CCI-001165 Definition

The organization controls the use of mobile code within the information system.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements a process to control the use of mobile code within the information system.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process and examines the information system to ensure the organization being inspected/assessed controls the use of mobile code within the information system.

Compelling Evidence

1.) Signed and dated system and communications protection policy (reference mobile code section).

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001165.

Control	Description
SC-18	The organization: SC-18a.: Defines acceptable and unacceptable mobile code and mobile code technologies; SC-18b.: Establishes usage restrictions and implementation guidance for acceptable mobile code and mobile code technologies; and SC-18c.: Authorizes, monitors, and controls the use of mobile code within the information system.