An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
118/172
)
CCIs
Number
Definition
Status
Related
CCI-003541
The organization implements a process for responding to complaints, concerns, or questions from individuals about the organizational privacy practices.
Draft
CCI-003542
The organization defines the time period within which it must respond to complaints, concerns, or questions from individuals about the organizational privacy practices.
Draft
CCI-003543
The organization responds to complaints, concerns, or questions from individuals about the organizational privacy practices within the organization-defined time period.
Draft
CCI-003544
The organization defines the frequency on which it will update the inventory that contains a listing of all programs and information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003545
The organization establishes an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003546
The organization establishes an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003547
The organization maintains an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003548
The organization maintains an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003549
The organization updates, per organization-defined frequency, an inventory that contains a listing of all programs identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003550
The organization updates, per organization-defined frequency, an inventory that contains a listing of all information systems identified as collecting, using, maintaining, or sharing personally identifiable information (PII).
Draft
CCI-003551
The organization defines the frequency for providing each update of the personally identifiable information (PII) inventory to the CIO or information security official.
Draft
CCI-003552
The organization provides each update of the personally identifiable information (PII) inventory to the CIO or information security official, per organization-defined frequency, to support the establishment of information security requirements for all new or modified information systems containing PII.
Draft
CCI-003553
The organization develops a Privacy Incident Response Plan.
Draft
CCI-003554
The organization implements a Privacy Incident Response Plan.
Draft
CCI-003555
The organization provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.
Draft
CCI-003556
The organization provides effective notice to the public regarding its activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of personally identifiable information (PII).
Draft
CCI-003557
The organization provides effective notice to individuals regarding its activities that impact privacy, including its collection, use, sharing, safeguarding, maintenance, and disposal of personally identifiable information (PII).
Draft
CCI-003558
The organization provides effective notice to the public regarding its authority for collecting personally identifiable information (PII).
Draft
CCI-003559
The organization provides effective notice to individuals regarding its authority for collecting personally identifiable information (PII).
Draft
CCI-003560
The organization provides effective notice to the public regarding the choices, if any, individuals may have regarding how the organization uses personally identifiable information (PII).
Draft
CCI-003561
The organization provides effective notice to individuals regarding the choices, if any, individuals may have regarding how the organization uses personally identifiable information (PII).
Draft
CCI-003562
The organization provides effective notice to the public regarding the consequences of exercising or not exercising the choices regarding how the organization uses personally identifiable information (PII).
Draft
CCI-003563
The organization provides effective notice to individuals regarding the consequences of exercising or not exercising the choices regarding how the organization uses personally identifiable information (PII).
Draft
CCI-003564
The organization provides effective notice to the public regarding the ability of individuals to access personally identifiable information (PII).
Draft
CCI-003565
The organization provides effective notice to individuals regarding the ability to access personally identifiable information (PII).
Draft
CCI-003566
The organization provides effective notice to the public regarding the ability to have personally identifiable information (PII) amended or corrected if necessary.
Draft
CCI-003567
The organization provides effective notice to individuals regarding the ability to have personally identifiable information (PII) amended or corrected if necessary.
Draft
CCI-003568
The organization describes the personally identifiable information (PII) the organization collects.
Draft
CCI-003569
The organization describes the purpose(s) for which it collects the personally identifiable information (PII).
Draft
CCI-003570
The organization describes how the organization uses personally identifiable information (PII) internally.
Draft
Prev
1...
114
115
116
117
118
119
120
121
122
...172
Next