An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
142/172
)
CCIs
Number
Definition
Status
Related
CCI-004262
Determine and document the organization-defined alternate work sites allowed for use by employees.
Draft
PE-17
CCI-004263
Provide a means for employees to communicate with information privacy personnel in case of incidents.
Draft
PE-17
CCI-004264
Protect system components, associated data communications, and networks in accordance with national Emissions Security policies based on the security category or classification of the information.
Draft
PE-19(1)
CCI-004265
Protect system components, associated data communications, and networks in accordance with national Emissions Security procedures based on the security category or classification of the information.
Draft
PE-19(1)
CCI-004266
Employ organization-defined protective measures against electromagnetic pulse damage for organization-defined systems and system components.
Draft
PE-21
CCI-004267
Defines the protective measure employed against electromagnetic pulse damage for organization-defined systems and system components.
Draft
PE-21
CCI-004268
Defines the systems and system components in which organization-defined protective measures are employed against electromagnetic pulse damage.
Draft
PE-21
CCI-004269
Mark organization-defined system hardware components indicating the impact or classification level of the information permitted to be processed, stored, or transmitted by the hardware component.
Draft
PE-22
CCI-004270
Defines the system hardware components which are marked, indicating the impact or classification level of the information permitted to be processed, stored, or transmitted by the hardware component.
Draft
PE-22
CCI-004271
Plan the location or site of the facility where the system resides considering physical and environmental hazards.
Draft
PE-23
CCI-004272
For existing facilities, consider the physical and environmental hazards in the organizational risk management strategy.
Draft
PE-23
CCI-004273
Develop and document an organization-level; mission/business process-level; and or system-level planning policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.
Draft
PL-1
CCI-004274
Designate an organization-defined official to manage the development and documentation of the planning policy and procedures.
Draft
PL-1
CCI-004275
Designate an organization-defined official to manage the dissemination of the planning policy and procedures.
Draft
PL-1
CCI-004276
Review and update the current planning policy following organization-defined events.
Draft
PL-1
CCI-004277
Review and update the current planning procedures following organization-defined events.
Draft
PL-1
CCI-004278
Develop security and privacy plans for the system that identify the individuals that fulfill system roles and responsibilities.
Draft
PL-2
CCI-004279
Develop security and privacy plans for the system that identify the information types processed, stored, and transmitted by the system.
Draft
PL-2
CCI-004280
Develop security and privacy plans for the system that describe any specific threats to the system that are of concern to the organization.
Draft
PL-2
CCI-004281
Develop security and privacy plans for the system that provide the results of a privacy risk assessment for the systems processing personally identifiable information.
Draft
PL-2
CCI-004282
Develop security and privacy plans for the system that include risk determinations for security and privacy architecture and design decisions.
Draft
PL-2
CCI-004283
Develop security and privacy plans for the system that include security- and privacy-related activities affecting the system that require planning and coordination with organization-defined individuals or groups.
Draft
PL-2
CCI-004284
Establish the rules describing the responsibilities and expected behavior, for security, for individuals requiring access to the system.
Draft
PL-4
CCI-004285
Establish the rules describing the responsibilities and expected behavior, for privacy, for individuals requiring access to the system.
Draft
PL-4
CCI-004286
Provide the rules describing the responsibilities and expected behavior, for information and system usage, for individuals requiring access to the system.
Draft
PL-4
CCI-004287
Provide the rules describing the responsibilities and expected behavior, for security, for individuals requiring access to the system.
Draft
PL-4
CCI-004288
Provide the rules describing the responsibilities and expected behavior, for privacy, for individuals requiring access to the system.
Draft
PL-4
CCI-004289
Defines the frequency individuals are required to read and re-acknowledge the rules of behavior whenever the rules are revised or updated.
Draft
PL-4
CCI-004290
Include in the rules of behavior, restrictions on use of organization-provided identifiers (e.g., email addresses) and authentication secrets (e.g., passwords) for creating accounts on external sites/applications.
Draft
PL-4(1)
CCI-004291
Develop a security Concept of Operations (CONOPS) for the system describing how the organization intends to operate the system from the perspective of information privacy.
Draft
PL-7
Prev
1...
138
139
140
141
142
143
144
145
146
...172
Next