An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
125/172
)
CCIs
Number
Definition
Status
Related
CCI-003752
Defines the terms and conditions for processing, storing, or transmitting organization-controlled information using external systems.
Draft
CCI-003753
Defines the controls asserted to be implemented on external systems allowing individuals to process, store, or transmit organization-controlled information using external systems.
Draft
CCI-003754
Prohibit the use of organizationally-defined types of external systems.
Draft
CCI-003755
Defines the types of external systems that are prohibited.
Draft
CCI-003756
Permit authorized individuals to use an external system to access the system or to process, store, or transmit organization-controlled information only after verification of the implementation of controls on the external system as specified in the organization's security policy and security plan.
Draft
CCI-003757
Permit authorized individuals to use an external system to access the system or to process, store, or transmit organization-controlled information only after verification of the implementation of controls on the external system as specified in the organization's privacy policy and privacy plan.
Draft
CCI-003758
Defines the restrictions for the use of organization-controlled portable storage devices.
Draft
CCI-003759
Prohibit the use of organization-controlled portable storage devices by authorized individuals on external systems.
Draft
CCI-003760
Defines the privacy attributes, not to include the identity of the user or process acting on behalf of the user, to be used as the basis for enforcing access control decisions.
Draft
CCI-003761
Develop and document an organization level, mission/business process-level, or system-level awareness and training policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.
Draft
CCI-003762
Designate an organization-defined official to manage the development and documentation of the awareness and training policy.
Draft
CCI-003763
Designate an organization-defined official to manage the dissemination of the awareness and training policy.
Draft
CCI-003764
Designate an organization-defined official to manage the development and documentation of the awareness and training procedures.
Draft
CCI-003765
Designate an organization-defined official to manage the dissemination of the awareness and training procedures.
Draft
CCI-003766
Provide basic privacy awareness training to system users (including managers, senior executives, and contractors) when required by system changes or following organization-defined events.
Draft
CCI-003767
Employ organization-defined awareness techniques to increase the security awareness of system users.
Draft
CCI-003768
Employ organization-defined awareness techniques to increase the privacy awareness of system users.
Draft
CCI-003769
Defines the awareness techniques for to increase security and privacy awareness of system uses.
Draft
CCI-003770
Update literacy training and awareness content on an organization-defined frequency.
Draft
CCI-003771
Update literacy training and awareness content following organization-defined event.
Draft
CCI-003772
Defines the frequency for updating literacy training and awareness content.
Draft
CCI-003773
Defines the events following updating literacy training and awareness content.
Draft
CCI-003774
Incorporate lessons learned from internal or external security incidents or breaches into literacy training and awareness techniques.
Draft
CCI-003775
Provide literacy training on recognizing and reporting potential and actual instances of social engineering.
Draft
CCI-003776
Provide literacy training on recognizing and reporting potential and actual instances of social mining.
Draft
CCI-003777
Provide literacy training on recognize suspicious communications and anomalous behavior in organizational systems using organization-defined indicators of malicious code.
Draft
CCI-003778
Defines the indicators of malicious code used to recognize suspicious communications and anomalous behavior in organizational systems.
Draft
CCI-003779
Provide literacy training on the advanced persistent threat.
Draft
CCI-003780
Provide literacy training on the cyber threat environment.
Draft
CCI-003781
Reflect current cyber threat information in system operations.
Draft
Prev
1...
121
122
123
124
125
126
127
128
129
...172
Next