CCI-002930

The organization defines information system distribution and transmission lines within organizational facilities to control physical access to using organization-defined security safeguards.

Implementation Guidance

The organization being inspected/assessed defines and documents information system distribution and transmission lines within organizational facilities to control physical access using organization-defined security safeguards. If transmission lines carry classified information, a protected distribution system (PDS) must be used to transmit unencrypted classified information through an area of lesser classification or control. For additional information, see NSTISSI No. 7003. DoD has determined the information system distribution and transmission lines are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented information system distribution and transmission lines to ensure the organization being inspected/assessed defines information system distribution and transmission lines within organizational facilities to control physical access using organization-defined security safeguards. DoD has determined the information system distribution and transmission lines are not appropriate to define at the Enterprise level.

Compelling Evidence

2.) Facility access policy and procedures

The controls below (if any) were marked by NIST as being related to CCI-002930.