Navigate

CCI-002450

CCI-002450 Definition

Implement organization-defined types of cryptography for each specified cryptography use.

Status
Type	CheckType.technical

Master Assessment Datasheet

Implementation Guidance

Determine if [SC-13_ODP[01]; cryptographic uses are defined] are identified.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing cryptographic protection; system design documentation; system configuration settings and associated documentation; cryptographic module validation certificates; list of FIPS-validated cryptographic modules; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer; organizational personnel with responsibilities for cryptographic protection]. Test: [SELECT FROM: Mechanisms supporting and/or implementing cryptographic protection].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002450.

Control	Description
SC-13	a: Determine the [cryptographic uses are defined;] ; and b: Implement the following types of cryptography required for each specified cryptographic use: [types of cryptography for each specified cryptographic use are defined;].