Navigate

CCI-003215

CCI-003215 Definition

The organization defines the supply chain elements, processes, and actors associated with the information system, system component, or information system service for organizational analysis, independent third-party analysis, organizational penetration testing and/or independent third-party penetration testing.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003215.

Control	Description
SA-12(11)	The organization employs [one or more of "organizational analysis, independent third-party analysis, organizational penetration testing, independent third-party penetration testing"] of [one of ] associated with the information system, system component, or information system service.