Navigate

CCI-000231

CCI-000231 Definition

The organization reports the security state of organizational information systems and the environments in which those systems operate through security authorization processes.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoDI 8510.01 meets the DoD requirement to manage the security authorization process. DoD components are automatically compliant with this CCI because they are covered at the DoD level, DoDI 8510.01.

Validation Procedures

DoDI 8510.01 meets the DoD requirement to manage the security authorization process. DoD components are automatically compliant with this CCI because they are covered at the DoD level, DoDI 8510.01.

Compelling Evidence

Automatically compliant per DoDI 8510.01.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000231.

Control	Description
PM-10	The organization: PM-10a.: Manages (i.e., documents, tracks, and reports) the security state of organizational information systems and the environments in which those systems operate through security authorization processes; PM-10b.: Designates individuals to fulfill specific roles and responsibilities within the organizational risk management process; and PM-10c.: Fully integrates the security authorization processes into an organization-wide risk management program.

Control

Description

PM-10

The organization:

PM-10a.: Manages (i.e., documents, tracks, and reports) the security state of organizational information systems and the environments in which those systems operate through security authorization processes;

PM-10b.: Designates individuals to fulfill specific roles and responsibilities within the organizational risk management process; and

PM-10c.: Fully integrates the security authorization processes into an organization-wide risk management program.