Master Assessment Datasheet
The organization being inspected/assessed documents and implements a process IAW DoDD 5400.11 and DoD 5400.11-R, to audit its staff on the authorized sharing of PII with third parties. The organization must maintain records of audits.
The organization conducting the inspection/assessment obtains and examines the documented process as well as the records of audits to ensure the organization being inspected/assessed audits its staff, IAW DoDD 5400.11 and DoD 5400.11-R, on the authorized sharing of PII with third parties.
DISA Compelling Evidence
1)Produce signed and dated SSP 2) Reference section pertaining to PII and verify the SSP describes a process to use personally identifiable information (PII) internally only for the authorized purpose(s) identified in the Privacy Act and/or in public notices. 3) Validate that the site implements this policy