Navigate

CCI-002682

CCI-002682 Definition

The organization defines the personnel or roles to be alerted when unauthorized or unapproved network services are detected.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the personnel or roles as at a minimum, the ISSO and ISSM.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the personnel or roles as at a minimum, the ISSO and ISSM.

Compelling Evidence

Automatically compliant.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002682.

Control	Description
SI-4 (22)	The information system detects network services that have not been authorized or approved by [Assignment: organization-defined authorization or approval processes] and [Selection (one or more): audits; alerts [Assignment: organization-defined personnel or roles]].