Navigate

CCI-002529

CCI-002529 Definition

The organization employs organization-defined operations security safeguards to protect key organizational information throughout the system development life cycle.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed implements operations security safeguards defined in SC-38, CCI 2528 to protect key organizational information throughout the system development life cycle. The organization must maintain an audit trail of security safeguard implementation.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit trail of security safeguard implementation to ensure the organization being inspected/assessed employs operations security safeguards defined in SC-38, CCI 2528 to protect key organizational information throughout the system development life cycle.

Compelling Evidence

1.) Signed and dated Standard Operating Procedure (SOP). 2.) Concept of Operations (CONOP). 3.) System security plan (SSP) (reference "security" section).

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002529.

Control	Description
SC-38	The organization employs [Assignment: organization-defined operations security safeguards] to protect key organizational information throughout the system development life cycle.