An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
101/172
)
CCIs
Number
Definition
Status
Related
CCI-003031
Modify access authorization as needed to correspond with any changes in operational need due to reassignment or transfer.
Draft
PS-5
CCI-003032
Notify organization-defined personnel or roles within an organization-defined time period when individuals are transferred or reassigned to other positions within the organization.
Draft
PS-5
CCI-003033
Defines personnel or roles to be notified when individuals are transferred or reassigned to other positions within the organization.
Draft
PS-5
CCI-003034
Defines the time period within which organization-defined personnel or roles are to be notified when individuals are transferred or reassigned to other positions within the organization.
Draft
PS-5
CCI-003035
Develop and document access agreements for organizational systems.
Draft
PS-6
CCI-003036
The organization ensures that individuals requiring access to organizational information and information systems re-sign access agreements to maintain access to organizational information systems when access agreements have been updated or in accordance with organization-defined frequency.
Draft
PS-6
CCI-003037
The organization defines the frequency for individuals requiring access to organization information and information systems to re-sign access agreements.
Draft
PS-6
CCI-003038
Notify individuals of applicable, legally binding post-employment requirements for protection of organizational information.
Draft
PS-6(3)
CCI-003039
Require individuals to sign an acknowledgement of legally binding post-employment requirements for protection of organizational information, if applicable, as part of granting initial access to covered information.
Draft
PS-6(3)
CCI-003040
The organization requires third-party providers to comply with personnel security policies and procedures established by the organization.
Draft
PS-7
CCI-003041
Require external providers to notify organization-defined personnel or roles of any personnel transfers or terminations of external personnel who possess organizational credentials and/or badges, or who have system privileges within an organization-defined time period.
Draft
PS-7
CCI-003042
Defines personnel or roles whom external providers are to notify when external personnel who possess organizational credentials and /or badges or who have system privileges are transferred or terminated.
Draft
PS-7
CCI-003043
Defines the time period for external providers to notify organization-defined personnel or roles when external personnel who possess organizational credentials and/or badges, or who have system privileges are transferred or terminated.
Draft
PS-7
CCI-003044
Notify organization-defined personnel or roles within an organization-defined time period when a formal employee sanctions process is initiated, identifying the individual sanctioned and the reason for the sanction.
Draft
PS-8
CCI-003045
Defines personnel or roles who are to be notified when a formal employee sanctions process is initiated.
Draft
PS-8
CCI-003046
Defines the time period within which to notify organization-defined personnel or roles when a formal employee sanctions process is initiated.
Draft
PS-8
CCI-003047
Defines the personnel or roles to whom the planning policy is disseminated.
Draft
PL-1
CCI-003048
Defines the personnel or roles to whom the planning procedures are disseminated.
Draft
PL-1
CCI-003049
Develop security and privacy plans for the system.
Draft
PL-2
CCI-003050
Develop security and privacy plans for the system that are consistent with the organization's enterprise architecture.
Draft
PL-2
CCI-003051
Develop security and privacy plans for the system that explicitly defines the authorization boundary for the system.
Draft
PL-2
CCI-003052
Develop security and privacy plans for the system that describes the operational context of the system in terms of missions and business processes.
Draft
PL-2
CCI-003053
Develop security and privacy plans for the system that provide the security categorization of the system, including supporting rationale.
Draft
PL-2
CCI-003054
Develop security and privacy plans for the system that describe the operational environment for the system and any dependencies on or connections to, other systems or system components.
Draft
PL-2
CCI-003055
Develop security and privacy plans for the system that provide an overview of the security and privacy requirements for the system.
Draft
PL-2
CCI-003056
Develop security and privacy plans for the system that identify any relevant control baselines or overlays, if applicable.
Draft
PL-2
CCI-003057
Develop security and privacy plans for the system that describe the controls in place or planned for meeting the security and privacy requirements, including a rationale for any tailoring decisions.
Draft
PL-2
CCI-003058
The organization distributes copies of the security plan to organization-defined personnel or roles.
Deprecated
PL-2
CCI-003059
Distribute copies of the plans to organization-defined personnel or roles.
Draft
PL-2
CCI-003060
Defines the personnel or roles to whom copies of the plans are distributed.
Draft
PL-2
Prev
1...
97
98
99
100
101
102
103
104
105
...172
Next