CCI-000610
CCI-000610 Definition
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed determines the resources (funding, staffing, etc) required for the cybersecurity requirements to protect the information system or information system service as part of its planning, programming, and budget process (PPBE).
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the planning, programming, and budget documentation to ensure the organization being inspected/assessed has determined the resources required for cybersecurity requirements to protect the information system or information system service.
Compelling Evidence
1.) System security plan (SSP). 2.) Mission/business planning documentation. 3.) Capital planning and investment documentation includes what resources are necessary to protect the information systems or services.