Navigate

CCI-001560

CCI-001560 Definition

The organization identifies individuals (or processes acting on behalf of individuals) authorized to associate organization-defined security attributes with organization-defined objects.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed identifies and documents individuals (or processes acting on behalf of individuals) authorized to associate security attributes defined in AC-16 (4), CCI 2288 with objects defined in AC-16 (4), CCI 2287.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented individuals to ensure the organization being inspected/assessed identifies individuals (or processes acting on behalf of individuals) authorized to associate security attributes defined in AC-16 (4), CCI 2288 with objects defined in AC-16 (4), CCI 2287.

Compelling Evidence

1.) Signed and dated documentation that defines the individuals (or processes acting on behalf of individuals) authorized to associate security attributes defined in AC-16 (4), CCI 2288 with objects defined in AC-16 (4), CCI 2287.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001560.

Control	Description
AC-16(4)	The information system supports the association of [organization-defined security attributes] with [organization-defined subjects and objects] by authorized individuals (or processes acting on behalf of individuals).