CCI-003071
CCI-003071 Definition
The organization develops a security Concept of Operations (CONOPS) for the information system containing, at a minimum, how the organization intends to operate the system from the perspective of information security.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed develops and documents a security Concept of Operations (CONOPS) for the information system containing at a minimum, how the organization intends to operate the system from the perspective of information security.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the security CONOPS to ensure the organization being inspected/assessed develops a security CONOPS for the information system containing at a minimum, how the organization intends to operate the system from the perspective of information security.
Compelling Evidence
1.) Concept of Operations (CONOPS) which includes how the organization intends to operate the system from the perspective of information security.