CCI-003065

The organization plans and coordinates security-related activities affecting the information system with organization-defined individuals or groups before conducting such activities in order to reduce the impact on other organizational entities.

Implementation Guidance

The organization being inspected/assessed defines and documents within the security plan, the planning and coordination of security-related activities affecting the information system with individuals or groups defined in PL-2 (3), CCI 3067 before conducting such activities in order to reduce the impact on other organizational entities.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the security plan to ensure the organization being inspected/assessed plans and coordinates of security-related activities affecting the information system with individuals or groups defined in PL-2 (3), CCI 3067 before conducting such activities in order to reduce the impact on other organizational entities.

Compelling Evidence

1.) List of activities and entities that security related activities must be coordinated with. 2.) Documented planning and coordination process which includes notification and coordination with the activities identified in CCI 3067.

The controls below (if any) were marked by NIST as being related to CCI-003065.