An error occurred:

© 2025 Xylok, LLC

Version: features-advanced-collector-898c2c - rmfrev4

Navigate

CCI-000601

CCI-000601 Definition

Defines the frequency with which to review and update the current system and services acquisition policy.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000601.

Control

Description

The organization:

a: Develops, documents, and disseminates to [one of ]:
- 1: A system and services acquisition policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- 2: Procedures to facilitate the implementation of the system and services acquisition policy and associated system and services acquisition controls; and

b: Reviews and updates the current:
- 1: System and services acquisition policy [one of ]; and
- 2: System and services acquisition procedures [one of ].