CCI-000625
CCI-000625 Definition
The organization requires in acquisition documents that vendors/contractors provide information describing the implementation details of the security controls to be employed within the information system, information system components, or information system services (including functional interfaces among control components) in sufficient detail to permit analysis and testing of the controls.
| Status | |
| Type | CheckType.policy |