CCI-000618
CCI-000618 Definition
The organization identifies individuals having information system security roles and responsibilities.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed identifies and documents individuals having information system security roles and responsibilities.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the documented individuals having information system security roles and responsibilities to ensure the organization being inspected/assessed identifies individuals having information system security roles and responsibilities.
DISA Compelling Evidence
1) Site's SP and System Development Life Cycle (SDLC) documentation must define security roles and responsibilities 2) Reviewer will validate that security roles and responsibilities are documented