CCI-002295
CCI-002295 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents and implements a process requiring personnel to associate security attributes defined in AC-16 (6), CCI 2292 with subjects defined in AC-16 (6), CCI 2293 in accordance with security policies defined in AC-16 (6), CCI 2291.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed requires personnel to associate security attributes defined in AC-16 (6), CCI 2292 with subjects defined in AC-16 (6), CCI 2293 in accordance with security policies defined in AC-16 (6), CCI 2291.
DISA Compelling Evidence
1) View signed and dated documentation. 2) Examine and validate that the documentation describes how the site requires personnel to associate security attributes defined in AC-16 (6), CCI 2292 with subjects defined in AC-16 (6), CCI 2293 in accordance with security policies defined in AC-16 (6), CCI 2291. 3) Verify that the site implements this process.