CCI-000572
CCI-000572 Definition
The organization defines the frequency for reviewing the security plan for the information system.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
DoD has defined the frequency as annually.
Validation Procedures
The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the frequency as annually.
Compelling Evidence
1.) Section in system security plan (SSP) that defines review frequency for the information system security plan.