CCI-003147
CCI-003147 Definition
Maintain trust relationships with external service providers based on organization-defined security requirements, properties, factors, or conditions defining acceptable trust relationships.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed maintains trust relationships with external service providers based on security requirements, properties, factors, or conditions defining acceptable trust relationships defined in SA-9 (3), CCI 3148.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines a list of trust relationships with external service providers to ensure those relationships are maintained based on security requirements, properties, factors, or conditions defining acceptable trust relationship defined in SA-9 (3), CCI 3148.
Compelling Evidence
1.) System security plan (SSP) will define trust relationships with external service providers required by organization-defined security requirements defined in SA-9(3), CCI 3148.