CCI-003201

The organization employs organization-defined security safeguards to limit harm from potential adversaries identifying and targeting the organizational supply chain.

Implementation Guidance

The organization being inspected/assessed employs security safeguards defined in SA-12 (5), CCI 3202 to limit harm from potential adversaries identifying and targeting the organizational supply chain. The organization must maintain a record of security safeguards employed.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the record of security safeguards supplied to ensure the organization being inspected/assessed employs security safeguards defined in SA-12 (5), CCI 3202 to limit harm from potential adversaries identifying and targeting the organizational supply chain.

Compelling Evidence

1.) System security plan (SSP). 2.) System development life cycle (SDLC) documentation. 3.) Continuous monitoring plan showing security safeguards limiting harm from potential adversaries identifying and targeting the supply chain.

The controls below (if any) were marked by NIST as being related to CCI-003201.