Navigate

CCI-003214

CCI-003214 Definition

The organization employs organizational analysis, independent third-party analysis, organizational penetration testing and/or independent third-party penetration testing of organization-defined supply chain elements, processes, and actors associated with the information system, system component, or information system service.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003214.

Control	Description
SA-12(11)	The organization employs [one or more of "organizational analysis, independent third-party analysis, organizational penetration testing, independent third-party penetration testing"] of [one of ] associated with the information system, system component, or information system service.