CCI-000255
CCI-000255 Definition
Employ independent assessors or assessment teams to conduct control assessments.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed will employ assessors and assessor teams with the level of independence defined in CA-2 (1), CCI 2064 to conduct security control assessments of organizational information systems.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the level of independence defined in CA-2 (1), CCI 2064 to ensure that they, as the assessor, meet the required level of independence.
Compelling Evidence
1.) Signed and dated Security Assessment and Authorization Policy