Navigate

CCI-002815

CCI-002815 Definition

The organization defines personnel or roles to whom responsibility for responding to information spills will be assigned.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents personnel or roles to whom responsibility for responding to information spills will be assigned. The personnel must include the ISSO and ISSM. DoD has determined the personnel or roles are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented personnel or roles to ensure the organization being inspected/assessed defines personnel or roles to whom responsibility for responding to information spills will be assigned, which must include the ISSO and ISSM. DoD has determined the personnel or roles are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Documentation that defines personnel or roles to whom responsibility for responding to information spills will be assigned, including the ISSO and ISSM.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002815.

Control	Description
IR-9 (1)	The organization assigns [Assignment: organization-defined personnel or roles] with responsibility for responding to information spills.