Navigate

CCI-001645

CCI-001645 Definition

The organization identifies the information system components to which privileged access is authorized for selected organization-defined vulnerability scanning activities.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the information system components as all information systems and infrastructure components.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the information system components as all information systems and infrastructure components.

Compelling Evidence

Automatically compliant.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001645.

Control	Description
RA-5 (5)	The information system implements privileged access authorization to [Assignment: organization-identified information system components] for selected [Assignment: organization-defined vulnerability scanning activities].