CCI-004027
CCI-004027 Definition
Defines the backup information which is protected by cryptographic mechanisms preventing unauthorized disclosure and modification.
| Status | |
| Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
Determine if cryptographic mechanisms are implemented to prevent unauthorized disclosure and modification of [CP-09(08)_ODP; backup information to protect against unauthorized disclosure and modification is defined].
Validation Procedures
Examine: [SELECT FROM: Contingency planning policy; procedures addressing system backup; contingency plan; system design documentation; system configuration settings and associated documentation; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with system backup responsibilities; organizational personnel with information security responsibilities]. Test: [SELECT FROM: Mechanisms supporting and/or implementing cryptographic protection of backup information].