CCI-002988
CCI-002988 Definition
Disseminate an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational operations (including mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
DoD disseminates DoDI 8500.01 organization-wide via the DoD Issuances website (http://www.dtic.mil/whs/directives/corres/dir.html) and the Knowledge Service is available via: https://rmfks.osd.mil. DoD components are automatically compliant with this CCI as they are covered at the DoD level by DoDI 8500.01 and the Knowledge Service. If the organization or system owner is utilizing common controls they must be documented in their Security Plan.
Validation Procedures
DoD components are automatically compliant with this CCI as they are covered at the DoD level by DoDI 8500.01 and the Knowledge Service. If the organization or system owner is utilizing common controls they must be documented in their Security Plan.
Compelling Evidence
Automatically compliant per DoDI 8500.01.