Xylok Scanner CCIs

Number	Definition	Status
CCI-003692	Defines the number enforced for logon attempts.	Draft
CCI-003693	Display an explicit message to users indicating that the session will end at an organization-defined time until end of session.	Draft
CCI-003694	Defines the time until end of session, indicating the session will end.	Draft
CCI-003695	Defines the user actions that can be performed on the system without identification or authentication consistent with organizational missions/business functions.	Draft
CCI-003696	Defines privacy attributes having organization-defined types of privacy attribute values which are associated with information in storage.	Draft
CCI-003697	Defines privacy attributes having organization-defined types of privacy attribute values which are associated with information in process.	Draft
CCI-003698	Defines privacy attributes, having organization-defined types of privacy attribute values, which are associated with information in transmission.	Draft
CCI-003699	Defines privacy attribute values associated with organization-defined types of privacy attributes for information in storage.	Draft
CCI-003700	Defines privacy attribute values associated with organization-defined types of privacy attributes for information in process.	Draft
CCI-003701	Defines privacy attribute values associated with organization-defined types of privacy attributes for information in transmission.	Draft
CCI-003702	Ensure that the privacy attribute associations are made with the information.	Draft
CCI-003703	Ensure that the privacy attribute associations are restrained with the information.	Draft
CCI-003704	Establish the following permitted organization-defined privacy attributes defined in AC-16a for organization-defined systems.	Draft
CCI-003705	Defines the privacy attributes that are permitted for organization-defined systems.	Draft
CCI-003706	Defines the attribute values or ranges permitted for each of the established privacy attributes.	Draft
CCI-003707	Audit changes to the attributes.	Draft
CCI-003708	Review organization-defined security attributes for applicability on an organization-defined frequency.	Draft
CCI-003709	Review organization-defined privacy attributes for applicability on an organization-defined frequency.	Draft
CCI-003710	Defines the security and privacy attributes to be reviewed for applicability.	Draft
CCI-003711	Defines the frequency of which the security and privacy attributes will be reviewed.	Draft
CCI-003712	Dynamically associate privacy attributes with organization-defined subjects in accordance with organization-defined privacy policies as information is created and combined.	Draft
CCI-003713	Dynamically associate privacy attributes with organization-defined objects in accordance with organization-defined privacy policies as information is created and combined.	Draft
CCI-003714	Defines the privacy policies to adhere to when dynamically associating security attributes with organization-defined subjects and objects.	Draft
CCI-003715	Provides authorized individuals (or processes acting on behalf of individuals) the capability to change the value of associated privacy attributes.	Draft
CCI-003716	Provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated privacy attributes.	Draft
CCI-003717	Defines the privacy attributes for which the association and integrity to organization-defined subjects and objects is maintained.	Draft
CCI-003718	Maintain the association of organization-defined privacy attributes to organization-defined subjects.	Draft
CCI-003719	Maintain the association of organization-defined privacy attributes to organization-defined objects.	Draft
CCI-003720	Maintain the integrity of organization-defined privacy attributes associated with organization-defined subjects.	Draft
CCI-003721	Maintain the integrity of organization-defined privacy attributes associated with organization-defined objects.	Draft