An error occurred:
Close sidebar
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Xylok
Home Menu
[email protected]
© 2024
Xylok, LLC
Version: v2024.04.1-c0c9-98fb
Open sidebar
Navigate
Top
Search
CCIs (
3551
)
Pages (
6/119
)
CCIs
Number
Definition
Status
Related
CCI-000151
The organization defines the frequency for the review and analysis of information system audit records for organization-defined inappropriate or unusual activity.
Draft
AU-6
CCI-000152
The information system integrates audit review, analysis, and reporting processes to support organizational processes for investigation and response to suspicious activities.
Draft
CCI-000153
The organization analyzes and correlates audit records across different repositories to gain organization-wide situational awareness.
Draft
AU-6 (3)
CCI-000154
The information system provides the capability to centrally review and analyze audit records from multiple components within the system.
Draft
AU-6 (4)
CCI-000155
The organization integrates analysis of audit records with analysis of vulnerability scanning information, performance data, and network monitoring information to further enhance the ability to identify inappropriate or unusual activity.
Draft
CCI-000156
The information system provides an audit reduction capability.
Draft
CCI-000157
The information system provides a report generation capability.
Draft
CCI-000158
The information system provides the capability to process audit records for events of interest based on organization-defined audit fields within audit records.
Draft
AU-7 (1)
CCI-000159
The information system uses internal system clocks to generate time stamps for audit records.
Draft
AU-8
CCI-000160
The information system synchronizes internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.
Draft
CCI-000161
The organization defines the frequency for the synchronization of internal information system clocks.
Draft
AU-8 (1)
CCI-000162
The information system protects audit information from unauthorized access.
Draft
AU-9
CCI-000163
The information system protects audit information from unauthorized modification.
Draft
AU-9
CCI-000164
The information system protects audit information from unauthorized deletion.
Draft
AU-9
CCI-000165
The information system writes audit records to hardware-enforced, write-once media.
Draft
AU-9 (1)
CCI-000166
The information system protects against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.
Draft
AU-10
CCI-000167
The organization retains audit records for an organization-defined time period to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.
Draft
AU-11
CCI-000168
The organization defines the time period for retention of audit records, which is consistent with its records retention policy, to provide support for after-the-fact investigations of security incidents and meet regulatory and organizational information retention requirements.
Draft
AU-11
CCI-000169
The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.
Draft
AU-12
CCI-000170
The organization implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation.
Draft
PM-4
CCI-000171
The information system allows organization-defined personnel or roles to select which auditable events are to be audited by specific components of the information system.
Draft
AU-12
CCI-000172
The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.
Draft
AU-12
CCI-000173
The organization defines the level of tolerance for relationship between time stamps of individual records in the audit trail that will be used for correlation.
Draft
AU-12 (1)
CCI-000174
The information system compiles audit records from organization-defined information system components into a system-wide (logical or physical) audit trail that is time-correlated to within an organization-defined level of tolerance for relationship between time stamps of individual records in the audit trail.
Draft
AU-12 (1)
CCI-000175
The organization manages information system authenticators for users and devices by verifying, as part of the initial authenticator distribution, the identity of the individual and/or device receiving the authenticator.
Draft
CCI-000176
The organization manages information system authenticators by establishing initial authenticator content for authenticators defined by the organization.
Draft
IA-5
CCI-000177
The organization manages information system authenticators for users and devices by establishing and implementing administrative procedures for initial authenticator distribution, for lost/compromised, or damaged authenticators, and for revoking authenticators.
Draft
CCI-000178
The organization manages information system authenticators for users and devices by changing default content of authenticators upon information system installation.
Draft
CCI-000179
The organization manages information system authenticators by establishing minimum lifetime restrictions for authenticators.
Draft
IA-5
CCI-000180
The organization manages information system authenticators by establishing maximum lifetime restrictions for authenticators.
Draft
IA-5
Prev
1...
2
3
4
5
6
7
8
9
10
...119
Next