Navigate

CCI-003086

CCI-003086 Definition

Defines the architectural layers to which the system allocates organization-defined controls in the security architecture.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents the architectural layers to which it allocates organization-defined security safeguards in the security architecture. DoD has determined the architectural layers are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented architectural layers to ensure the organization being inspected/assessed defines the architectural layers to which it allocates organization-defined security safeguards in the security architecture. DoD has determined the architectural layers are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and current documentation of the architectural layers to which the organization allocates organization-defined security safeguards in the security architecture.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003086.

Control	Description
PL-8(1)	The organization designs its security architecture using a defense-in-depth approach that: (a): Allocates [one of ] to [one of ]; and (b): Ensures that the allocated security safeguards operate in a coordinated and mutually reinforcing manner.