Master Assessment Datasheet
The organization being inspected/assessed develops and documents an information security architecture for the information system.
The organization conducting the inspection/assessment obtains and examines the documented information security architecture to ensure the organization being inspected/assessed develops an information security architecture for the information system.
DISA Compelling Evidence
1. A current, documented information security architecture is available for examination. 2. Architecture addresses information security implementation and safeguards, both externally facing and internally facing. 3. Architecture addresses safeguards and security mechanisms the WAN / MAN level down to the host, and addresses insider threat considerations.