Navigate

CCI-001430

CCI-001430 Definition

The organization identifies human-readable, standard naming conventions for identifying security attributes on output.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the human readable, standard naming conventions for security attributes relating to classification as human readable, standard naming conventions IAW DODI 5200.1R; for TS SCI, IAW Controlled Access Program Coordination Office (CAPCO) register. For all other security attributes, not appropriate to define at the Enterprise level. The organization being inspected/assessed defines and documents all other security attributes not relating to classification.

Validation Procedures

DoD has defined the human readable, standard naming conventions for security attributes relating to classification as human readable, standard naming conventions IAW DODI 5200.1R; for TS SCI, IAW Controlled Access Program Coordination Office (CAPCO) register. For all other security attributes, not appropriate to define at the Enterprise level. The organization conducting the inspection/assessment obtains and examines the documented security attributes not relating to classification to ensure the organization being inspected/assessed identifies human readable, standard naming conventions for identifying security attributes on output.

Compelling Evidence

1.) Signed and dated documentation of security attributes for identification of human readable, standard naming conventions for identifying security attributes on output.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001430.

Control	Description
AC-16 (5)	The information system displays security attributes in human-readable form on each object that the system transmits to output devices to identify [Assignment: organization-identified special dissemination, handling, or distribution instructions] using [Assignment: organization-identified human-readable, standard naming conventions].