Navigate

CCI-001517

CCI-001517 Definition

The organization rescreens individuals with authorized access to the information system according to organization-defined conditions requiring rescreening, and where rescreening is so indicated, on the organization-defined frequency of such rescreening.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The information system owner will rescreen individuals according to system owner defined list of conditions requiring rescreening (CCI-001518) individuals for access to the information system and frequency (CCI - 001519) of such rescreening. Rescreening actions will be maintained as an audit trail (AU-2).

Validation Procedures

The organization conducting the inspection/assessment obtains and examines audit records of rescreening actions to ensure the system owner is rescreening individuals according to a system owner-defined list of conditions requiring rescreening and, where re-screening is so indicated, based on the system owner-defined frequency of such rescreening.

Compelling Evidence

1.) Audit records of rescreening actions.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001517.

Control	Description
PS-3	The organization: PS-3a.: Screens individuals prior to authorizing access to the information system; and PS-3b.: Rescreens individuals according to [Assignment: organization-defined conditions requiring rescreening and, where rescreening is so indicated, the frequency of such rescreening].