An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.11.1 - rmfrev5
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
160/172
)
CCIs
Number
Definition
Status
Related
CCI-004802
Defines the information concerning impact, environment of operations, known or assumed threats, and acceptable risk levels.
Draft
SA-11(2)
CCI-004803
Employ the following tools and methods.
Draft
SA-11(2)
CCI-004804
Defines the tools and methods to be employed.
Draft
SA-11(2)
CCI-004805
Conduct the modeling and analyses as the following level of rigor.
Draft
SA-11(2)
CCI-004806
Defines the breadth and depth of modeling and analyses the level of rigor will be conducted.
Draft
SA-11(2)
CCI-004807
Produces evidence that meets the following acceptance criteria.
Draft
SA-11(2)
CCI-004808
Defines the acceptance criteria that meets the requirement for producing evidence.
Draft
SA-11(2)
CCI-004809
Require an independent agent satisfying organization-defined independence criteria to verify the correct implementation of the developer privacy assessment plan.
Draft
SA-11(3)
CCI-004810
Require an independent agent satisfying organization-defined independence criteria to verify the evidence produced during privacy testing and evaluation.
Draft
SA-11(3)
CCI-004811
Defines the independence criteria the independent agent must satisfy prior to verifying the correct implementation of the developer privacy assessment plan and the evidence produced during privacy testing and evaluation.
Draft
SA-11(3)
CCI-004812
Require the developer of the system, system component, or system service to perform penetration testing at an organization-defined breadth and depth of testing.
Draft
SA-11(5)
CCI-004813
Require the developer of the system, system component, or system service to perform penetration testing under organization-defined constraints.
Draft
SA-11(5)
CCI-004814
Require the developer of the system, system component, or system service to employ interactive application security testing tools to identify flaws.
Draft
SA-11(9)
CCI-004815
Require the developer of the system, system component, or system service to employ interactive application security testing tools to document the results.
Draft
SA-11(9)
CCI-004816
Require the developer of the system, system component, or system service to follow a documented development process that explicitly addresses privacy requirements.
Draft
SA-15
CCI-004817
Review the development process in accordance with organization-defined frequency to determine if the development process selected and employed can satisfy organization-defined privacy requirements.
Draft
SA-15
CCI-004818
Review the development standards in accordance with organization-defined frequency to determine if the development standards selected and employed can satisfy organization-defined privacy requirements.
Draft
SA-15
CCI-004819
Review the development tools in accordance with organization-defined frequency to determine if the development tools selected and employed can satisfy organization-defined privacy requirements.
Draft
SA-15
CCI-004820
Review the development tool options/configurations in accordance with organization-defined frequency to determine if the development tool options and tool configurations selected and employed can satisfy organization-defined privacy requirements.
Draft
SA-15
CCI-004821
Defines the frequency on which to review the development process, standards, tools, and tool options/configurations to determine if the process, standards, tools, and tool options and tool configurations selected and employed can satisfy organization-defined privacy requirements.
Draft
SA-15
CCI-004822
Defines the privacy requirements that must be satisfied by conducting a review of the development process, standards, tools, and tool options and tool configurations.
Draft
SA-15
CCI-004823
Require the developer of the system, system component, or system service to select a privacy tracking tool for use during the development process.
Draft
SA-15(2)
CCI-004824
Require the developer of the system, system component, or system service to employ a privacy tracking tool for use during the development process.
Draft
SA-15(2)
CCI-004825
Require the developer of the system, system component, or system service to perform a criticality analysis at the organization-defined decision points in the system development life cycle.
Draft
SA-15(3)
CCI-004826
Require the developer of the system, system component, or system service to perform a criticality analysis at an organization-defined breadth/depth of criticality analysis.
Draft
SA-15(3)
CCI-004827
Defines the frequency for performing an automated vulnerability analysis using organization-defined tools.
Draft
SA-15(7)
CCI-004828
Defines the frequency for determining the exploitation potential for discovered vulnerabilities.
Draft
SA-15(7)
CCI-004829
Defines the frequency for determining potential risk mitigations for delivered vulnerabilities.
Draft
SA-15(7)
CCI-004830
Defines the frequency for delivering the outputs of the tools and results of the vulnerability analysis to organization-defined personnel or roles.
Draft
SA-15(7)
CCI-004831
Require the developer of the system, system component, or system service to implement an incident response plan.
Draft
SA-15(10)
Prev
1...
156
157
158
159
160
161
162
163
164
...172
Next