Navigate

CCI-000830

CCI-000830 Definition

Defines security violations that, if detected, initiate a configurable capability to automatically disable the system.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and document a list of security violations that upon occurrence initiate an automated action to disable or shutdown the information system. Violations may be identified by specific activity or by class/type of activity. DoD has determined the security violations are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the list of documented security violations to ensure the organization has clearly identified those violations that initiate an automated disabling or shut down of the information system. DoD has determined the security violations are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) List of documented security violations

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000830.

Control	Description
IR-4(5)	The organization implements a configurable capability to automatically disable the information system if [one of ] are detected.