Navigate

CCI-003082

CCI-003082 Definition

Design the security architecture for the system using a defense-in-depth approach that allocates organization-defined controls to organization-defined architectural layers.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed designs and documents its security architecture using a defense-in-depth approach that allocates security safeguards defined in PL-8 (1), CCI 3084 to architectural layers defined in PL-8 (1), CCI 3086.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the security architecture to ensure the organization being inspected/assessed designs its security architecture using a defense-in-depth approach that allocates security safeguards defined in PL-8 (1), CCI 3084 to architectural layers defined in PL-8 (1), CCI 3086.

Compelling Evidence

1.) Signed and current documented organization security architecture which allocates security safeguards defined in PL-8 (1), CCI 3084 to locations defined in PL-8 (1), CCI 3086.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003082.

Control	Description
PL-8(1)	The organization designs its security architecture using a defense-in-depth approach that: (a): Allocates [one of ] to [one of ]; and (b): Ensures that the allocated security safeguards operate in a coordinated and mutually reinforcing manner.