Navigate

CCI-002378

CCI-002378 Definition

Defines the personnel or roles to be recipients of the organization-level; mission/business process-level; and/or system-level system and communications protection policy.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002378.

Control	Description
SC-1	The organization: a: Develops, documents, and disseminates to [one of ]: 1: A system and communications protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and 2: Procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls; and b: Reviews and updates the current: 1: System and communications protection policy [one of ]; and 2: System and communications protection procedures [one of ].

Control

Description

SC-1

The organization:

a: Develops, documents, and disseminates to [one of ]:
- 1: A system and communications protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- 2: Procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls; and

b: Reviews and updates the current:
- 1: System and communications protection policy [one of ]; and
- 2: System and communications protection procedures [one of ].