Navigate

CCI-002311

CCI-002311 Definition

The organization establishes and documents configuration/connection requirements for each type of remote access allowed.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed establishes and documents configuration/connection requirements for each type of remote access allowed.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented requirements to ensure the organization being inspected/assessed establishes and documents configuration/connection requirements for each type of remote access allowed.

Compelling Evidence

1.) Signed and dated Access Control Policy 2.) Signed and dated Access Control Lists (ACL's) on the remote device(s). 3.) Most current Network topology diagram 4.) Documentation that establishes and documents configuration/connection requirements for each type of remote access allowed.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002311.

Control	Description
AC-17	The organization: AC-17a.: Establishes and documents usage restrictions, configuration/connection requirements, and implementation guidance for each type of remote access allowed; and AC-17b.: Authorizes remote access to the information system prior to allowing such connections.