CCI-003217
CCI-003217 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed establishes and documents inter-organizational procedures with entities involved in the supply chain for the information system, system component, or information system service.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented inter-organizational procedures to ensure the organization being inspected/assessed establishes inter-organizational procedures with entities involved in the supply chain for the information system, system component, or information system service.
Compelling Evidence
1.) System security plan (SSP). 2.) System development life cycle (SDLC) documentation. 3.) Continuous monitoring plan for establishing inter-organizational procedures with entities involved with supply chain elements, processes and actors associated with the information system, system components or information system service.