An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
104/172
)
CCIs
Number
Definition
Status
Related
CCI-003121
Defines the frequency on which to employ technical surveillance countermeasures surveys.
Draft
RA-6
CCI-003122
Defines the events or indicators upon which technical surveillance countermeasures surveys are to be employed.
Draft
RA-6
CCI-003123
Implement organization-defined cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications.
Draft
MA-4(6)
CCI-003124
Obtain or develop administrator documentation for the system, system component, or system service that describes secure configuration of the system, component, or service.
Draft
SA-5
CCI-003125
Obtain or develop administrator documentation for the system, system component, or system service that describes secure installation of the system, component, or service.
Draft
SA-5
CCI-003126
Obtain or develop administrator documentation for the system, system component, or system service that describes secure operation of the system, component, or service.
Draft
SA-5
CCI-003127
Obtain or develop administrator documentation for the system, system component, or system services that describes effective use and maintenance of security functions and mechanisms.
Draft
SA-5
CCI-003128
Obtain or develop administrator documentation for the system, system component, or system service that describes known vulnerabilities regarding configuration and use of administrative or privileged functions.
Draft
SA-5
CCI-003129
Obtain or develop user documentation for the system, system component, or system service that describes user-accessible security functions and mechanisms and how to effectively use those functions and mechanisms.
Draft
SA-5
CCI-003130
Obtain or develop user documentation for the system, system component, or system service that describes methods for user interaction which enables individuals to use the system, component, or service in a more secure manner.
Draft
SA-5
CCI-003131
Obtain or develop user documentation for the system, system component, or system service that describes user responsibilities in maintaining the security of the system, component, or service.
Draft
SA-5
CCI-003132
Take organization-defined actions in response to attempts to obtain either unavailable or nonexistent documentation for the system, system component, or system service.
Draft
SA-5
CCI-003133
Defines actions to be taken in response to attempts to obtain either unavailable or nonexistent documentation for the system, system component, or system service.
Draft
SA-5
CCI-003134
The organization protects information system, system component, or information system service documentation as required, in accordance with the risk management strategy.
Draft
SA-5
CCI-003135
Distribute system, system component, or system service documentation to organization-defined personnel or roles.
Draft
SA-5
CCI-003136
Defines the personnel or roles to whom system, system component, or system service documentation is to be distributed.
Draft
SA-5
CCI-003137
The organization defines security controls that providers of external information system services employ in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
Draft
SA-9
CCI-003138
Employ organization-defined processes, methods, and techniques to monitor control compliance by external service providers on an ongoing basis.
Draft
SA-9
CCI-003139
Defines processes, methods, and techniques to employ to monitor control compliance by external service providers on an ongoing basis.
Draft
SA-9
CCI-003140
Conduct an organizational assessment of risk prior to the acquisition or outsourcing of information security services.
Draft
SA-9(1)
CCI-003141
Verify that the acquisition or outsourcing of dedicated information security services is approved by organization-defined personnel or roles.
Draft
SA-9(1)
CCI-003142
Defines the personnel or roles authorized to approve the acquisition or outsourcing of dedicated information security services.
Draft
SA-9(1)
CCI-003143
Require providers of organization-defined external system services to identify the functions, ports, protocols, and other services required for the use of such services.
Draft
SA-9(2)
CCI-003144
Defines the external system services for which the providers are required to identify the functions, ports, protocols, and other services required for the use of such services.
Draft
SA-9(2)
CCI-003145
Establish trust relationships with external service providers based on organization-defined security requirements, properties, factors, or conditions defining acceptable trust relationships.
Draft
SA-9(3)
CCI-003146
Document trust relationships with external service providers based on organization-defined security requirements, properties, factors, or conditions defining acceptable trust relationships.
Draft
SA-9(3)
CCI-003147
Maintain trust relationships with external service providers based on organization-defined security requirements, properties, factors, or conditions defining acceptable trust relationships.
Draft
SA-9(3)
CCI-003148
Defines security requirements, properties, factors, or conditions defining acceptable trust relationships with external service providers.
Draft
SA-9(3)
CCI-003149
Take organization-defined actions to verify that the interests of organization-defined external service providers are consistent with and reflect organizational interests.
Draft
SA-9(4)
CCI-003150
Defines the actions taken to verify that the interests of organization-defined external service providers are consistent with and reflect organizational interests.
Draft
SA-9(4)
Prev
1...
100
101
102
103
104
105
106
107
108
...172
Next