CCI-001517
CCI-001517 Definition
Rescreen individuals with authorized access to the system in accordance with organization-defined conditions requiring rescreening, and where rescreening is so indicated, on the organization-defined frequency of rescreening.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The information system owner will rescreen individuals according to system owner defined list of conditions requiring rescreening (CCI-001518) individuals for access to the information system and frequency (CCI - 001519) of such rescreening. Rescreening actions will be maintained as an audit trail (AU-2).
Validation Procedures
The organization conducting the inspection/assessment obtains and examines audit records of rescreening actions to ensure the system owner is rescreening individuals according to a system owner-defined list of conditions requiring rescreening and, where re-screening is so indicated, based on the system owner-defined frequency of such rescreening.
Compelling Evidence
1.) Audit records of rescreening actions.