CCI-003064
CCI-003064 Definition
Protect the plans from unauthorized modification.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents and implements a process to protect the security plan from unauthorized modification.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed protects the security plan from unauthorized modification.
Compelling Evidence
1.) Up-to-date list of organizational personnel or roles who are authorized access to the security plan. 2.) Documented procedures/sharing/dissemination protections that limit access to the security plan to those personnel/roles that are authorized access and mechanisms to report unauthorized modification of the system security plan (SSP).