CCI-002858

Employ organization-defined alternative or supplemental security mechanisms for satisfying organization-defined security functions when the primary means of implementing the security function is unavailable or compromised.

Implementation Guidance

The organization being inspected/assessed documents and implement a process to employ alternative or supplemental security mechanisms defined in CP-13, CCI 2859 for satisfying security functions defined in CP-13, CCI 2860 when the primary means of implementing the security function is unavailable or compromised.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed employs alternative or supplemental security mechanisms defined in CP-13, CCI 2859 for satisfying security functions defined in CP-13, CCI 2860 when the primary means of implementing the security function is unavailable or compromised.

Compelling Evidence

1.) Documented process to employ alternative security mechanisms when the primary means of implementing the security function is unavailable or compromised

The controls below (if any) were marked by NIST as being related to CCI-002858.