Navigate

CCI-003082

CCI-003082 Definition

The organization designs its security architecture using a defense-in-depth approach that allocates organization-defined security safeguards to organization-defined architectural layers.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed designs and documents its security architecture using a defense-in-depth approach that allocates security safeguards defined in PL-8 (1), CCI 3084 to architectural layers defined in PL-8 (1), CCI 3086.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the security architecture to ensure the organization being inspected/assessed designs its security architecture using a defense-in-depth approach that allocates security safeguards defined in PL-8 (1), CCI 3084 to architectural layers defined in PL-8 (1), CCI 3086.

Compelling Evidence

1.) Signed and current documented organization security architecture which allocates security safeguards defined in PL-8 (1), CCI 3084 to locations defined in PL-8 (1), CCI 3086.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003082.

Control	Description
PL-8 (1)	The organization designs its security architecture using a defense-in-depth approach that: PL-8 (1)(a): Allocates [Assignment: organization-defined security safeguards] to [Assignment: organization-defined locations and architectural layers]; and PL-8 (1)(b): Ensures that the allocated security safeguards operate in a coordinated and mutually reinforcing manner.