Navigate

CCI-002191

CCI-002191 Definition

Defines the information flow control policies to be enforced by the information system using protected processing domains.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if protected processing domains are used to enforce [AC-04(02)_ODP; information flow control policies to be enforced by use of protected processing domains are defined] as a basis for flow control decisions.

Validation Procedures

Examine: [SELECT FROM: Access control policy; information flow control policies; procedures addressing information flow enforcement; system design documentation; system security architecture and associated documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement policy].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002191.

Control	Description
AC-4(2)	Use protected processing domains to enforce [information flow control policies to be enforced by use of protected processing domains are defined;] as a basis for flow control decisions.