An error occurred:

CCIs

Number Definition Status Related
CCI-003902 Designate an organization-defined official to manage the development and documentation of the configuration management procedures. Draft CM-1
CCI-003903 Designate an organization-defined official to manage the dissemination of the configuration management procedures. Draft CM-1
CCI-003904 Review and update the configuration management policy following organization-defined events. Draft CM-1
CCI-003905 Defines the events for when the policy will be reviewed and updated. Draft CM-1
CCI-003906 Review and update, on an organization-defined frequency, the current configuration management procedures. Draft CM-1
CCI-003907 Review and update the configuration management procedures following organization-defined events. Draft CM-1
CCI-003908 Defines the events for when the procedures will be reviewed and updated. Draft CM-1
CCI-003909 Develop and document, under configuration control, a current baseline configuration of the system. Draft CM-2
CCI-003910 Review and update the baseline configuration of the system when system components are installed or upgraded. Draft CM-2
CCI-003911 Defines the automated mechanisms for maintaining the currency, completeness, accuracy, and availability of the baseline configuration of the system. Draft CM-2(2)
CCI-003912 Approve or disapprove configuration-controlled changes to the system, with explicit consideration for privacy impact analyses. Draft CM-3
CCI-003913 Defines the automated mechanisms for documenting proposed changes to the system. Draft CM-3(1)
CCI-003914 Defines the automated mechanisms for notifying approval authorities of proposed changes to the system and request change proposal. Draft CM-3(1)
CCI-003915 Defines the automated mechanisms for highlighting proposed changes to the system that have not been approved or disapproved within an organization-defined time period. Draft CM-3(1)
CCI-003916 Defines the automated mechanisms for prohibiting changes to the system until designated approvals are received. Draft CM-3(1)
CCI-003917 Defines the automated mechanisms for documenting all changes to the system. Draft CM-3(1)
CCI-003918 Defines the automated mechanisms for notifying organization-defined personnel when approved changes to the system are completed. Draft CM-3(1)
CCI-003919 Defines the automated mechanisms to implement changes to the current system baseline. Draft CM-3(3)
CCI-003920 Defines the automated mechanisms to deploy the updated baselines across the installed base. Draft CM-3(3)
CCI-003921 Require an organization-defined privacy representative to be a member of the organization-defined configuration change control element. Draft CM-3(4)
CCI-003922 Defines the security representatives required to be members of the configuration change control element. Draft CM-3(4)
CCI-003923 Defines the privacy representatives required to be members of the configuration change control element. Draft CM-3(4)
CCI-003924 Defines the configuration change control element required for security and privacy representatives. Draft CM-3(4)
CCI-003925 Review changes to the system on an organization-defined frequency or when there are organization-defined circumstances to determine whether unauthorized changes have occurred. Draft CM-3(7)
CCI-003926 Defines the frequency for reviewing changes to the system. Draft CM-3(7)
CCI-003927 Defines the circumstances for determining whether unauthorized changes to the system have occurred. Draft CM-3(7)
CCI-003928 Prevent or restrict changes to the configuration of the system under organization-defined circumstances. Draft CM-3(8)
CCI-003929 Defines the circumstances for preventing or restricting changes to the configuration of the system. Draft CM-3(8)
CCI-003930 Analyze changes to the system to determine potential privacy impacts prior to change implementation. Draft CM-4
CCI-003931 When analyzing changes to the system, looks for security impacts due to flaws, weaknesses, incompatibility, or intentional malice. Draft CM-4(1)