CCI-002383

Defines the procedures to be employed to prevent unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories.

Implementation Guidance

The organization being inspected/assessed defines and documents the procedures to be employed to prevent the unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories. DoD has determined the procedures are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented procedures to ensure the organization being inspected/assessed defines the procedures to be employed to prevent the unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories. DoD has determined the procedures are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated procedure documentation to prevent the unauthorized information transfer via shared resources when system processing explicitly switches between different information classification levels or security categories.

The controls below (if any) were marked by NIST as being related to CCI-002383.