An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
154/172
)
CCIs
Number
Definition
Status
Related
CCI-004622
Integrate risk management decisions from the organization.
Draft
CCI-004623
Integrate mission or business process perspectives with system-level risk assessments.
Draft
CCI-004624
Assess supply chain risks associated with organization-defined systems, system components, and system services.
Draft
CCI-004625
Defines the systems, system-components, and system services for assessing supply chain risks.
Draft
CCI-004626
Update the supply chain risk assessment on an organization-defined frequency when there are significant changes to the relevant supply chain, or when changes to the system, environments of operation, or other conditions may necessitate a change in the supply chain.
Draft
CCI-004627
Defines the frequency for updating the supply chain assessment.
Draft
CCI-004628
Use all-source intelligence to assist in the analysis of risk.
Draft
CCI-004629
Determine the current cyber threat environment on an ongoing basis using organization-defined means.
Draft
CCI-004630
Defines the means for determining the current threat environment.
Draft
CCI-004631
Employ organization-defined advanced automation and analytics capabilities to predict and identify risks to organization-defined systems or system components.
Draft
CCI-004632
Defines the advanced automation and analytics capabilities for predicting and identifying risks to organization-defined systems or system components.
Draft
CCI-004633
Defines the systems or system components for employing advanced automation and analytics capabilities.
Draft
CCI-004634
Employ vulnerability monitoring tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for: formatting checklists and test procedures.
Draft
CCI-004635
Employ vulnerability monitoring tools and techniques that facilitate interoperability among tools and automate parts of the vulnerability management process by using standards for: measuring vulnerability impact.
Draft
CCI-004636
Employ vulnerability monitoring tools that include the capability to readily update the vulnerabilities to be scanned.
Draft
CCI-004637
Defines the automated mechanisms for comparing the results of multiple vulnerability scans.
Draft
CCI-004638
Defines the system in which will be identified for determining if a vulnerability has been exploited.
Draft
CCI-004639
Defines the time period for reviewing historic audit logs to determine if a vulnerability identified has been exploited.
Draft
CCI-004640
Establish a public reporting channel for receiving reports of vulnerabilities in organizational systems and system components.
Draft
CCI-004641
Respond to findings from security assessments.
Draft
CCI-004642
Respond to findings from privacy assessments.
Draft
CCI-004643
Respond to findings from monitoring.
Draft
CCI-004644
Respond to findings from audits in accordance with organizational risk tolerance.
Draft
CCI-004645
Conduct privacy impact assessments for systems, programs, or other activities before developing or procuring information technology that processes personally identifiable information.
Draft
CCI-004646
Conduct privacy impact assessments for systems, programs, or other activities before initiating a new collection of personally identifiable information that will be processes using information technology.
Draft
CCI-004647
Conduct privacy impact assessments for systems, programs, or other activities before initiating a new collection of personally identifiable information that includes personally identifiable information permitting the physical or virtual (online) contacting of a specific individual, if identical questions have been posed to, or identical reporting requirements imposed on, ten or more persons, other than agencies, instrumentalities, or employees of the Federal Government.
Draft
CCI-004648
Identify critical system components and functions by performing a criticality analysis for organization-defined systems, system components, or system services at organization-defined decision points in the system development life cycle.
Draft
CCI-004649
Defines the system, system components, or system services to perform a criticality analysis for identifying critical system components and functions.
Draft
CCI-004650
Defines the decision points in the system development life cycle at which organization-defined system, system components, or system services to perform a criticality analysis for identifying critical system components and functions.
Draft
CCI-004651
Establish and maintain a cyber threat hunting capability to search for indicators of compromise in organizational systems.
Draft
Prev
1...
150
151
152
153
154
155
156
157
158
...172
Next