CCI-002199
CCI-002199 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if: - capability is provided for privileged administrators to enable and disable [AC-04(10)_ODP[01]; security policy filters that privileged administrators have the capability to enable and disable are defined] under [AC-04(10)_ODP[03]; conditions under which privileged administrators have the capability to enable and disable security policy filters are defined]. - capability is provided for privileged administrators to enable and disable [AC-04(10)_ODP[02]; privacy policy filters that privileged administrators have the capability to enable and disable are defined] under [AC-04(10)_ODP[04]; conditions under which privileged administrators have the capability to enable and disable privacy policy filters are defined].
Validation Procedures
Examine: [SELECT FROM: Access control policy; information flow information policies; procedures addressing information flow enforcement; system design documentation; system configuration settings and associated documentation; list of security policy filters enabled/disabled by privileged administrators; list of privacy policy filters enabled/disabled by privileged administrators; list of approved data types for enabling/disabling by privileged administrators; system audit records; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with responsibilities for enabling/disabling security and privacy policy filters; system/network administrators; organizational personnel with information security and privacy responsibilities; system developers]. Test: [SELECT FROM: Mechanisms implementing information flow enforcement policy; security and privacy policy filters].