Navigate

CCI-002527

CCI-002527 Definition

The organization employs organization-defined security safeguards to ensure only organization-defined individuals or information systems receive the organization-defined information, information system components, or devices.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed implements security safeguards defined in SC-37 (1), CCI 2525 to ensure only individuals or information systems defined in SC-37 (1), CCI 2523 receive the information, information system components, or devices defined in SC-37 (1), CCI 2526. The organization must maintain an audit trail of security safeguard implementation.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit trail of security safeguard implementation to ensure the organization being inspected/assessed employs security safeguards defined in SC-37 (1), CCI 2525 to ensure only individuals or information systems defined in SC-37 (1), CCI 2523 receive the information, information system components, or devices defined in SC-37 (1), CCI 2526.

Compelling Evidence

1.) Audit trail of security safeguard implementation.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002527.

Control	Description
SC-37 (1)	The organization employs [Assignment: organization-defined security safeguards] to ensure that only [Assignment: organization-defined individuals or information systems] receive the [Assignment: organization-defined information, information system components, or devices].