An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
153/172
)
CCIs
Number
Definition
Status
Related
CCI-004592
Apply organization-defined processing conditions for specific categories of personally identifiable information.
Draft
CCI-004593
Defines the processing conditions for applying specific categories of personally identifiable information.
Draft
CCI-004594
When a system processes Social Security numbers: eliminate unnecessary collection, maintenance, and use of Social Security numbers, and explore alternatives to their use as a personal identifier.
Draft
CCI-004595
When a system processes Social Security numbers: do not deny any individuals any right, benefit, or privilege provided by law because of such individuals' refusal to disclose his or her Social Security number.
Draft
CCI-004596
When a system processes Social Security numbers: inform any individual who is asked to disclose his or Social Security number whether that disclosure is mandatory or voluntary, by what statutory or other authority such number is solicited, and what uses will be made of it.
Draft
CCI-004597
Prohibit the processing of information describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statue or by the individual or unless pertinent to and within the scope of an authorized law enforcement activity.
Draft
CCI-004598
When a system or organization processes information for the purpose of conducting a matching program: obtain approval from the Data Integrity Board to conduct the matching program.
Draft
CCI-004599
When a system or organization processes information for the purpose of conducting a matching program: develop and enter into a computer matching agreement.
Draft
CCI-004600
When a system or organization processes information for the purpose of conducting a matching program: publish a matching notice in the Federal Register.
Draft
CCI-004601
When a system or organization processes information for the purpose of conducting a matching program: independently verify the information produced by the matching program before taking adverse action against an individual, if required.
Draft
CCI-004602
When a system or organization processes information for the purpose of conducting a matching program: provide individuals with notice and an opportunity to contest the findings before taking adverse action against an individual.
Draft
CCI-004603
Develop and document an organization-level; mission/business process-level; system-level risk assessment policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.
Draft
CCI-004604
Disseminate an organization-level; mission/business process-level; system-level risk assessment policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines, to organization-defined personnel or roles.
Draft
CCI-004605
Designate an organization-defined official to manage the development and documentation of the risk assessment policy.
Draft
CCI-004606
Designate an organization-defined official to manage the dissemination of the risk assessment policy.
Draft
CCI-004607
Designate an organization-defined official to manage development and documentation of the risk assessment procedures.
Draft
CCI-004608
Designate an organization-defined official to manage dissemination of the risk assessment procedures.
Draft
CCI-004609
Defines the official designated to manage the development, documentation, and dissemination of the risk assessment policy and procedures.
Draft
CCI-004610
Review and update the current risk assessment policy following organization-defined events.
Draft
CCI-004611
Defines the events following reviewing and updating the current risk assessment policy.
Draft
CCI-004612
Review and update the current risk assessment procedures following organization-defined events.
Draft
CCI-004613
Defines the events following reviewing and updating the current risk assessment procedures.
Draft
CCI-004614
Categorize the system and information it processes.
Draft
CCI-004615
Categorize the system and information it stores.
Draft
CCI-004616
Categorize the system and information it transmits.
Draft
CCI-004617
Conduct a impact-level categorization of organizational systems to obtain additional granularity on system impact levels.
Draft
CCI-004618
Conduct a risk assessment, including identifying threats to the system.
Draft
CCI-004619
Conduct a risk assessment, including identifying vulnerabilities in the system.
Draft
CCI-004620
Conduct a risk assessment, including determining the likelihood and impact of adverse effects on individuals arising from the processing of personally-identifiable information.
Draft
CCI-004621
Integrate risk assessment results from the organization.
Draft
Prev
1...
149
150
151
152
153
154
155
156
157
...172
Next