CCI-002580

The organization employs sanitization mechanisms with the strength and integrity commensurate with the security category or classification of the information.

Implementation Guidance

The organization being inspected/assessed implements sanitization mechanisms with the strength and integrity commensurate with the security category or classification of the information. The organization must maintain an audit trail of sanitization actions.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the audit trail of sanitization actions to ensure the organization being inspected/assessed implements sanitization mechanisms with the strength and integrity commensurate with the security category or classification of the information.

Compelling Evidence

1.) TTP or SOP showing steps for media sanitation. 2.) System Security Plan (SSP), if necessary, referencing sections which apply to disposal and release for reuse out of organizational control.

The controls below (if any) were marked by NIST as being related to CCI-002580.