Navigate

CCI-001901

CCI-001901 Definition

Bind the identity of the information producer with the information to an organization-defined strength of binding.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if the identity of the information producer is bound with the information to [AU-10(01)_ODP; the strength of binding between the identity of the information producer and the information is defined].

Validation Procedures

Examine: [SELECT FROM: Audit and accountability policy; system security plan; privacy plan; procedures addressing non-repudiation; system design documentation; system configuration settings and associated documentation; system audit records; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with information security and privacy responsibilities; system/network administrators; system developers]. Test: [SELECT FROM: Mechanisms implementing non-repudiation capability].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001901.

Control	Description
AU-10(1)	(a): Bind the identity of the information producer with the information to [the strength of binding between the identity of the information producer and the information is defined;] ; and (b): Provide the means for authorized individuals to determine the identity of the producer of the information.