CCI-001246

Implementation Guidance

The organization being inspected/assessed documents and implements a process to centrally manage malicious code protection mechanisms.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed centrally manages malicious code protection mechanisms.

Compelling Evidence

1.) Signed and dated system security plan with section that confirms malicious code is being blocked and quarantined and a reference to the section pertaining to how process is centrally managed. 2.) Complete protection software logs.