CCI-001371

Defines security or privacy policy filters requiring fully enumerated formats which are to be implemented when transferring information between different security domains.

Implementation Guidance

The organization being inspected/assessed defines and documents information security policy filters requiring fully enumerated formats which are to be implemented when transferring information between different security domains. DoD has determined the information security policy filters are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented information security policy filters to ensure the organization being inspected/assessed defines. information security policy filters requiring fully enumerated formats which are to be implemented when transferring information between different security domains. DoD has determined the frequency is not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated documentation that defines the information security policy filters requiring fully enumerated formats which are to be implemented when transferring information between different security domains.

The controls below (if any) were marked by NIST as being related to CCI-001371.