An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.07.1-5f5778 - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
100/172
)
CCIs
Number
Definition
Status
Related
CCI-003001
Implement a process for ensuring that organizational plans for conducting security training activities associated with organizational systems are maintained.
Draft
PM-14
CCI-003002
Implement a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational systems are developed.
Draft
PM-14
CCI-003003
Implement a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational systems are maintained.
Draft
PM-14
CCI-003004
Implement a process for ensuring that organizational plans for conducting security testing associated with organizational systems continue to be executed.
Draft
PM-14
CCI-003005
Implement a process for ensuring that organizational plans for conducting security training associated with organizational systems continue to be executed.
Draft
PM-14
CCI-003006
Implement a process for ensuring that organizational plans for conducting security monitoring activities associated with organizational systems continue to be executed.
Draft
PM-14
CCI-003007
Review testing plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Draft
PM-14
CCI-003008
Review training plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Draft
PM-14
CCI-003009
Review monitoring plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Draft
PM-14
CCI-003010
Establish and institutionalize contact with selected groups and associations within the security community to facilitate ongoing security education and training for organizational personnel.
Draft
PM-15
CCI-003011
Establish and institutionalize contact with selected groups and associations within the security community to maintain currency with recommended security practices, techniques, and technologies.
Draft
PM-15
CCI-003012
Establish and institutionalize contact with selected groups and associations within the security community to share current security information including threats, vulnerabilities, and incidents.
Draft
PM-15
CCI-003013
Implement a threat awareness program that includes a cross-organization information-sharing capability for threat intelligence.
Draft
PM-16
CCI-003014
Enforce organization-defined mandatory access control policies over all subjects and objects.
Draft
AC-3(3)
CCI-003015
Specifies that organization-defined subjects may explicitly be granted organization-defined privileges such that they are not limited by any defined subset (or all) of the above constraints.
Draft
AC-3(3)
CCI-003016
The organization, upon termination of individual employment, notifies organization-defined personnel or roles within an organization-defined time period.
Draft
PS-4
CCI-003017
Defines the personnel or roles to whom an organization-level; mission/business process-level; and/or system-level personnel security policy is disseminated.
Draft
PS-1
CCI-003018
Defines the personnel or roles to whom the personnel security procedures are disseminated.
Draft
PS-1
CCI-003019
Verify that individuals accessing a system processing, storing, or transmitting information requiring special protection have valid access authorizations that are demonstrated by assigned official government duties.
Draft
PS-3(3)
CCI-003020
Verify that individuals accessing a system processing, storing, or transmitting information requiring special protection satisfy organization-defined additional personnel screening criteria.
Draft
PS-3(3)
CCI-003021
Defines additional personnel screening criteria that individuals accessing a system processing, storing, or transmitting information requiring protection must satisfy.
Draft
PS-3(3)
CCI-003022
Defines the time period within which to disable system access upon termination of individual employment.
Draft
PS-4
CCI-003023
Upon termination of individual employment, terminate or revoke any authenticators and credentials associated with the individual.
Draft
PS-4
CCI-003024
Defines information security topics to be discussed while conducting exit interviews.
Draft
PS-4
CCI-003025
The organization defines personnel or roles to notify upon termination of individual employment.
Draft
PS-4
CCI-003026
The organization defines the time period within which to notify organization-defined personnel or roles upon termination of individual employment.
Draft
PS-4
CCI-003027
Notify terminated individuals of applicable, legally binding post-employment requirements for the protection of organizational information.
Draft
PS-4(1)
CCI-003028
Require terminated individuals to sign an acknowledgment of post-employment requirements as part of the organizational termination process.
Draft
PS-4(1)
CCI-003029
Use organization-defined automated mechanisms to notify organization-defined personnel or roles of individual termination actions; and/or disable access to system resources.
Draft
PS-4(2)
CCI-003030
Defines the personnel or roles to be notified by automated mechanism of individual termination actions, and/or disable access to system resources.
Draft
PS-4(2)
Prev
1...
96
97
98
99
100
101
102
103
104
...172
Next