Navigate

CCI-002477

CCI-002477 Definition

The organization defines the information at rest to be removed from online storage and stored in an off-line secure location.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents the information at rest to be removed from on-line storage and stored in an off-line secure location. DoD has determined the information is not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented information to ensure the organization being inspected/assessed defines the information at rest to be removed from on-line storage and stored in an off-line secure location. DoD has determined the information is not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated System Security Plan (SSP). 2.) Backup Procedures documentation (reference 'information at rest' section).

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002477.

Control	Description
SC-28 (2)	The organization removes from online storage and stores off-line in a secure location [Assignment: organization-defined information].