Navigate

CCI-002081

CCI-002081 Definition

The organization defines the information systems that employ either an allow-all, deny-by-exception or a deny-all, permit-by-exception policy for allowing connections to external information systems.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the information systems as any systems requiring external connectivity.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the information systems as any systems requiring external connectivity.

Compelling Evidence

Automatically Compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002081.

Control	Description
CA-3 (5)	The organization employs [Selection: allow-all, deny-by-exception; deny-all, permit-by-exception] policy for allowing [Assignment: organization-defined information systems] to connect to external information systems.