Navigate

CCI-002203

CCI-002203 Definition

The organization defines the unsanctioned information the information system is to examine when transferring information between different security domains.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents the unsanctioned information for which the information system is to examine when transferring information between different security domains. DoD has determined the unsanctioned information is not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented unsanctioned information to ensure the organization being inspected/assessed defines the unsanctioned information for which the information system is to examine when transferring information between different security domains. DoD has determined the unsanctioned information is not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated documentation that defines the unsanctioned information for which the information system is to examine when transferring information between different security domains.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002203.

Control	Description
AC-4 (15)	The information system, when transferring information between different security domains, examines the information for the presence of [Assignment: organized-defined unsanctioned information] and prohibits the transfer of such information in accordance with the [Assignment: organization-defined security policy].