Navigate

CCI-002507

CCI-002507 Definition

The organization controls read-only media after information has been recorded onto the media.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements mechanisms to control the read-only media after information has been recorded onto the media.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented mechanisms to ensure the organization being inspected/assessed controls the read-only media after information has been recorded onto the media.

Compelling Evidence

1.) Signed and dated Standard Operating Procedure (SOP). 2.) Concept of Operations (CONOP). 3.) System security plan (SSP). 4.) Configuration guide (reference "hardware-enforced, read-only media" section).

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002507.

Control	Description
SC-34 (2)	The organization protects the integrity of information prior to storage on read-only media and controls the media after such information has been recorded onto the media.