CCI-001218

Disseminate an organization-level; mission/business process-level; and/or system level system and information integrity policy to organization-defined personnel or roles.

Implementation Guidance

DoD disseminates DoDI 8510.01 via the DoD Issuances website (http://www.dtic.mil/whs/directives/corres/dir.html) that meets the DoD requirement for a system and information integrity policy. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, Risk Management Framework (RMF) for DoD IT (DoDI 8510.01).

Validation Procedures

Documenting and implementing the Risk Management Framework (RMF) for DoD IT (DoDI 8510.01) meets the DoD requirement for a system and information integrity policy. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, Risk Management Framework (RMF) for DoD IT (DoDI 8510.01).

Compelling Evidence

Automatically compliant per DoDI 8501.01.

The controls below (if any) were marked by NIST as being related to CCI-001218.