CCI-003125
CCI-003125 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents within contracts/agreements, requirements that the developer provide administrator documentation for the information system, system component or information system service that describe secure installation of the system, component, or service.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the contracts/agreements to ensure the organization being inspected/assessed requires that the developer provide administrator documentation for the information system, system component or information system service that describe secure installation of the system, component, or service.
Compelling Evidence
1.) System security plan (SSP) must contain administrator documentation that describes secure installation.