An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: pp-server-fixes-6359-660a
Xylok
Home Menu
info@xylok.io
© 2024
Xylok, LLC
Version: pp-server-fixes-6359-660a
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
10/119
)
CCIs
Number
Definition
Status
Related
CCI-000273
The organization defines the frequency with which to update the security authorization.
Draft
CA-6
CCI-000274
The organization develops a continuous monitoring strategy.
Draft
CA-7
CCI-000275
The organization implements a continuous monitoring program that includes a configuration management process for the information system.
Draft
CCI-000276
The organization implements a continuous monitoring program that includes a configuration management process for the information system constituent components.
Draft
CCI-000277
The organization implements a continuous monitoring program that includes a determination of the security impact of changes to the information system.
Draft
CCI-000278
The organization implements a continuous monitoring program that includes a determination of the security impact of changes to the environment of operation.
Draft
CCI-000279
The organization implements a continuous monitoring program that includes ongoing security control assessments in accordance with the organizational continuous monitoring strategy.
Draft
CA-7
CCI-000280
The organization implements a continuous monitoring program that includes reporting the security status of the organization and the information system to organization-defined personnel or roles on an organization-defined frequency.
Draft
CA-7
CCI-000281
The organization defines the frequency with which to report the security status of the organization and the information system to organization-defined personnel or roles.
Draft
CA-7
CCI-000282
The organization employs assessors or assessment teams with an organization-defined level of independence to monitor the security controls in the information system on an ongoing basis.
Draft
CA-7 (1)
CCI-000283
The organization plans announced or unannounced assessments (in-depth monitoring, malicious user testing, penetration testing, red team exercises, or other organization-defined forms of security assessment), on an organization-defined frequency, to ensure compliance with all vulnerability mitigation procedures.
Draft
CCI-000284
The organization schedules announced or unannounced assessments (in-depth monitoring, malicious user testing, penetration testing, red team exercises, or other organization-defined forms of security assessment), on an organization-defined frequency, to ensure compliance with all vulnerability mitigation procedures.
Draft
CCI-000285
The organization conducts announced or unannounced assessments (in-depth monitoring, malicious user testing, penetration testing, red team exercises, or other organization-defined forms of security assessment), on an organization-defined frequency, to ensure compliance with all vulnerability mitigation procedures.
Draft
CCI-000286
The organization defines a frequency with which to review and update the configuration management policies.
Draft
CM-1
CCI-000287
The organization develops and documents a configuration management policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
CM-1
CCI-000288
The organization disseminates formal, documented configuration management policy to elements within the organization having associated configuration management roles and responsibilities.
Draft
CCI-000289
The organization reviews and updates, on an organization-defined frequency, the configuration management policy.
Draft
CM-1
CCI-000290
The organization develops and documents procedures to facilitate the implementation of the configuration management policy and associated configuration management controls.
Draft
CM-1
CCI-000291
The organization disseminates formal, documented procedures to facilitate the implementation of the configuration management policy and associated configuration management controls.
Draft
CCI-000292
The organization reviews and updates, on an organization-defined frequency, the procedures to facilitate the implementation of the configuration management policy and associated configuration management controls.
Draft
CM-1
CCI-000293
The organization develops a current baseline configuration of the information system.
Draft
CM-2
CCI-000294
The organization documents a baseline configuration of the information system.
Draft
CM-2
CCI-000295
The organization maintains, under configuration control, a current baseline configuration of the information system.
Draft
CM-2
CCI-000296
The organization reviews and updates the baseline configuration of the information system at an organization-defined frequency.
Draft
CM-2 (1)
CCI-000297
The organization reviews and updates the baseline configuration of the information system when required due to organization-defined circumstances.
Draft
CM-2 (1)
CCI-000298
The organization reviews and updates the baseline configuration of the information system as an integral part of information system component installations.
Draft
CM-2 (1)
CCI-000299
The organization reviews and updates the baseline configuration of the information system as an integral part of information system component upgrades.
Draft
CM-2 (1)
CCI-000300
The organization employs automated mechanisms to maintain a complete baseline configuration of the information system.
Draft
CM-2 (2)
CCI-000301
The organization employs automated mechanisms to maintain an up-to-date baseline configuration of the information system.
Draft
CM-2 (2)
CCI-000302
The organization employs automated mechanisms to maintain an accurate baseline configuration of the information system.
Draft
CM-2 (2)
Prev
1...
6
7
8
9
10
11
12
13
14
...119
Next