CCI-001832

The organization disseminates the audit and accountability policy to organization-defined personnel or roles.

Implementation Guidance

The organization being inspected/assessed disseminates, via an information sharing capability, to the ISSO and ISSM and others as the local organization deems appropriate an audit and accountability policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance. DoD has defined the personnel or roles as the ISSO and ISSM and others as the local organization deems appropriate.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit and accountability procedures via the inspected organization's information sharing capability (e.g. portal, intranet, email, etc) to ensure it has been disseminated.

Compelling Evidence

1.) List of personnel to whom accountability policy was disseminated

The controls below (if any) were marked by NIST as being related to CCI-001832.