Navigate

CCI-001751

CCI-001751 Definition

The organization defines system-level information requiring enforcement of a dual authorization for information system changes.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents system-level information requiring enforcement of a dual authorization for information system changes. DoD has determined to the information is not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented system-level information to ensure the organization being inspected/assessed defines the system-level information requiring enforcement of a dual authorization for information system changes. DoD has determined to the information is not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Documentation that defines system-level information requiring enforcement of a dual authorization for information system changes

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001751.

Control	Description
CM-5 (4)	The organization enforces dual authorization for implementing changes to [Assignment: organization-defined information system components and system-level information].