CCI-000618
CCI-000618 Definition
Identify individuals having information system security roles and responsibilities.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed identifies and documents individuals having information system security roles and responsibilities.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented individuals having information system security roles and responsibilities to ensure the organization being inspected/assessed identifies individuals having information system security roles and responsibilities.
Compelling Evidence
1.) System security plan (SSP). 2.) System development life cycle (SDLC) documentation defines security roles and responsibilities.