Navigate

CCI-002382

CCI-002382 Definition

Implement security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if: - security functions are implemented as largely independent modules that maximize internal cohesiveness within modules. - security functions are implemented as largely independent modules that minimize coupling between modules.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing security function isolation; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Organizational processes for maximizing internal cohesiveness within modules and minimizing coupling between modules; mechanisms supporting and/or implementing security functions as independent modules].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002382.

Control	Description
SC-3(4)	Implement security functions as largely independent modules that maximize internal cohesiveness within modules and minimize coupling between modules.