CCI-003052
CCI-003052 Definition
The organization^s security plan for the information system describes the operational context of the information system in terms of missions and business processes.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed describes within the security plan the operational context of the information system in terms of missions and business processes.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the security plan to ensure the organization being inspected/assessed describes within the security plan the operational context of the information system in terms of missions and business processes.
Compelling Evidence
1.) System security plan (SSP).