Navigate

CCI-003088

CCI-003088 Definition

The organization requires that organization-defined security safeguards allocated to organization-defined locations and architectural layers be obtained from different suppliers.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed obtains from different suppliers security safeguards defined in PL-8 (1), CCIs 3083 and 3084 allocated to locations and architectural layers defined in PL-8 (1) CCIs 3085 and 3086.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines procurement records to ensure that different suppliers are used to procure security safeguards defined in PL-8 (1), CCIs 3083 and 3084 allocated to locations and architectural layers defined in PL-8 (1) CCIs 3085 and 3086.

Compelling Evidence

1.) Evidence of procurement records defined in PL-8 (1), CCIs 3083 and 3084 allocated to locations and architectural layers defined in PL-8 (1) CCIs 3085 and 3086.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003088.

Control	Description
PL-8 (2)	The organization requires that [Assignment: organization-defined security safeguards] allocated to [Assignment: organization-defined locations and architectural layers] are obtained from different suppliers.