CCI-002673
CCI-002673 Definition
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if [SI-04(19)_ODP[01]; additional monitoring of individuals who have been identified as posing an increased level of risk is defined] is implemented on individuals who have been identified by [SI-04(19)_ODP[02]; sources that identify individuals who pose an increased level of risk are defined] as posing an increased level of risk.
Validation Procedures
Examine: [SELECT FROM: System and information integrity policy; system and information integrity procedures; procedures addressing system monitoring; system design documentation; system monitoring tools and techniques documentation; system configuration settings and associated documentation; system audit records; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security and privacy responsibilities; organizational personnel installing, configuring, and/or maintaining the system; organizational personnel responsible for monitoring the system; legal counsel; human resource officials; organizational personnel with personnel security responsibilities]. Test: [SELECT FROM: Organizational processes for system monitoring; mechanisms supporting and/or implementing a system monitoring capability].