Navigate

CCI-003116

CCI-003116 Definition

The organization employs only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational information systems.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed employs DoD approved PKI tokens for identity verification.

Validation Procedures

The organization conducting the inspection/assessment examines the information system to ensure DoD approved PKI tokens are implemented for identity verification.

Compelling Evidence

1.) System security plan (SSP) must document Personal Identify Verification (PIV) capability being implemented for organization information systems. 2.) Documented confirmation of FIPS 201-approved products list.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003116.

Control	Description
SA-4 (10)	The organization employs only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational information systems.