Navigate

CCI-000282

CCI-000282 Definition

Employ independent assessors or assessment teams to monitor the controls in the system on an ongoing basis.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if independent assessors or assessment teams are employed to monitor the controls in the system on an ongoing basis.

Validation Procedures

Examine: [SELECT FROM: Assessment, authorization, and monitoring policy; organizational continuous monitoring strategy; system-level continuous monitoring strategy; procedures addressing continuous monitoring of system controls; control assessment report; plan of action and milestones; system monitoring records; impact analyses; status reports; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with continuous monitoring responsibilities; organizational personnel with information security and privacy responsibilities].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000282.

Control	Description
CA-7(1)	Employ independent assessors or assessment teams to monitor the controls in the system on an ongoing basis.