An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
160/172
)
CCIs
Number
Definition
Status
Related
CCI-004802
Defines the information concerning impact, environment of operations, known or assumed threats, and acceptable risk levels.
Draft
CCI-004803
Employ the following tools and methods.
Draft
CCI-004804
Defines the tools and methods to be employed.
Draft
CCI-004805
Conduct the modeling and analyses as the following level of rigor.
Draft
CCI-004806
Defines the breadth and depth of modeling and analyses the level of rigor will be conducted.
Draft
CCI-004807
Produces evidence that meets the following acceptance criteria.
Draft
CCI-004808
Defines the acceptance criteria that meets the requirement for producing evidence.
Draft
CCI-004809
Require an independent agent satisfying organization-defined independence criteria to verify the correct implementation of the developer privacy assessment plan.
Draft
CCI-004810
Require an independent agent satisfying organization-defined independence criteria to verify the evidence produced during privacy testing and evaluation.
Draft
CCI-004811
Defines the independence criteria the independent agent must satisfy prior to verifying the correct implementation of the developer privacy assessment plan and the evidence produced during privacy testing and evaluation.
Draft
CCI-004812
Require the developer of the system, system component, or system service to perform penetration testing at an organization-defined breadth and depth of testing.
Draft
CCI-004813
Require the developer of the system, system component, or system service to perform penetration testing under organization-defined constraints.
Draft
CCI-004814
Require the developer of the system, system component, or system service to employ interactive application security testing tools to identify flaws.
Draft
CCI-004815
Require the developer of the system, system component, or system service to employ interactive application security testing tools to document the results.
Draft
CCI-004816
Require the developer of the system, system component, or system service to follow a documented development process that explicitly addresses privacy requirements.
Draft
CCI-004817
Review the development process in accordance with organization-defined frequency to determine if the development process selected and employed can satisfy organization-defined privacy requirements.
Draft
CCI-004818
Review the development standards in accordance with organization-defined frequency to determine if the development standards selected and employed can satisfy organization-defined privacy requirements.
Draft
CCI-004819
Review the development tools in accordance with organization-defined frequency to determine if the development tools selected and employed can satisfy organization-defined privacy requirements.
Draft
CCI-004820
Review the development tool options/configurations in accordance with organization-defined frequency to determine if the development tool options and tool configurations selected and employed can satisfy organization-defined privacy requirements.
Draft
CCI-004821
Defines the frequency on which to review the development process, standards, tools, and tool options/configurations to determine if the process, standards, tools, and tool options and tool configurations selected and employed can satisfy organization-defined privacy requirements.
Draft
CCI-004822
Defines the privacy requirements that must be satisfied by conducting a review of the development process, standards, tools, and tool options and tool configurations.
Draft
CCI-004823
Require the developer of the system, system component, or system service to select a privacy tracking tool for use during the development process.
Draft
CCI-004824
Require the developer of the system, system component, or system service to employ a privacy tracking tool for use during the development process.
Draft
CCI-004825
Require the developer of the system, system component, or system service to perform a criticality analysis at the organization-defined decision points in the system development life cycle.
Draft
CCI-004826
Require the developer of the system, system component, or system service to perform a criticality analysis at an organization-defined breadth/depth of criticality analysis.
Draft
CCI-004827
Defines the frequency for performing an automated vulnerability analysis using organization-defined tools.
Draft
CCI-004828
Defines the frequency for determining the exploitation potential for discovered vulnerabilities.
Draft
CCI-004829
Defines the frequency for determining potential risk mitigations for delivered vulnerabilities.
Draft
CCI-004830
Defines the frequency for delivering the outputs of the tools and results of the vulnerability analysis to organization-defined personnel or roles.
Draft
CCI-004831
Require the developer of the system, system component, or system service to implement an incident response plan.
Draft
Prev
1...
156
157
158
159
160
161
162
163
164
...172
Next