CCI-003116
CCI-003116 Definition
Employ only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational systems.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed employs DoD approved PKI tokens for identity verification.
Validation Procedures
The organization conducting the inspection/assessment examines the information system to ensure DoD approved PKI tokens are implemented for identity verification.
Compelling Evidence
1.) System security plan (SSP) must document Personal Identify Verification (PIV) capability being implemented for organization information systems. 2.) Documented confirmation of FIPS 201-approved products list.