Navigate

CCI-001763

CCI-001763 Definition

Defines the policies regarding software program usage and restrictions.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents their rules for approval of software program usage. For network capable software programs, the organization being inspected/assessed complies with DoDI 8551. DoD has determined that the rules authorizing the terms and conditions of software program usage on the information system are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the rules as well as the software list to ensure that all network capable software programs are DoDI 8551 compliant and that the rules authorizing the use of all other programs are defined. DoD has determined that the rules authorizing the terms and conditions of software program usage on the information system are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Approved software list 2.) Rules for approval of software program usage

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001763.

Control	Description
CM-7(2)	The information system prevents program execution in accordance with [one or more of " {{ insert: param, cm-7.2_prm_2 }} "/"rules authorizing the terms and conditions of software program usage"].