CCI-003145
CCI-003145 Definition
Establish trust relationships with external service providers based on organization-defined security requirements, properties, factors, or conditions defining acceptable trust relationships.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed establishes trust relationships with external service providers based on security requirements, properties, factors, or conditions defining acceptable trust relationship defined in SA-9 (3), CCI 3148.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines a list of trust relationships with external service providers to ensure those relationships are established based on security requirements, properties, factors, or conditions defining acceptable trust relationship defined in SA-9 (3), CCI 3148.
Compelling Evidence
1.) System security plan (SSP) will define trust relationships with external service providers required by organization-defined security requirements defined in SA-9(3), CCI 3148.