CCI-001295

Implement automated mechanisms to support the management of distributed security function testing.

Implementation Guidance

Determine if: - automated mechanisms are implemented to support the management of distributed security function testing. - automated mechanisms are implemented to support the management of distributed privacy function testing.

Validation Procedures

Examine: [SELECT FROM: System and information integrity policy; system and information integrity procedures; procedures addressing security and privacy function verification; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with security and privacy function verification responsibilities; organizational personnel implementing, operating, and maintaining the system; system/network administrators; organizational personnel with information security and privacy responsibilities]. Test: [SELECT FROM: Organizational processes for security and privacy function verification; automated mechanisms supporting and/or implementing the management of distributed security and privacy testing].

The controls below (if any) were marked by NIST as being related to CCI-001295.