CCI-002754

Verify that the system behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.

Implementation Guidance

Determine if: - the system behaves in a predictable manner when invalid inputs are received. - the system behaves in a documented manner when invalid inputs are received.

Validation Procedures

Examine: [SELECT FROM: System and information integrity policy; system and information integrity procedures; procedures addressing information input validation; system design documentation; system configuration settings and associated documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel responsible for information input validation; organizational personnel with information security responsibilities; system/network administrators; system developer]. Test: [SELECT FROM: Automated mechanisms supporting and/or implementing predictable behavior when invalid inputs are received].

The controls below (if any) were marked by NIST as being related to CCI-002754.