An error occurred:

CCI-002990

CCI-002990 Definition

Protect the information security program plan from unauthorized modification.
Status
Type CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if: - the information security program plan is protected from unauthorized disclosure. - the information security program plan is protected from unauthorized modification.

Validation Procedures

Examine: [SELECT FROM: Information security program plan; procedures addressing program plan development and implementation; procedures addressing program plan reviews and updates; procedures addressing coordination of the program plan with relevant entities; procedures for program plan approvals; records of program plan reviews and updates; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with information security program planning and plan implementation responsibilities; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Organizational processes for information security program plan development, review, update, and approval; mechanisms supporting and/or implementing the information security program plan].