An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
20/172
)
CCIs
Number
Definition
Status
Related
CCI-000571
Develop security and privacy plans for the system that are reviewed and approved by the authorizing official or designated representative prior to plan implementation.
Draft
PL-2
CCI-000572
Defines the frequency for reviewing the plans for the system.
Draft
PL-2
CCI-000573
Review the plans in accordance with organization-defined frequency.
Draft
PL-2
CCI-000574
Update the plans to address changes to the system and environment of operation or problems identified during plan implementation or control assessments.
Draft
PL-2
CCI-000575
The organization develops a security Concept of Operations (CONOPS) for the information system.
Deprecated
CCI-000576
The organization develops a security Concept of Operations (CONOPS) for the information system containing, at a minimum: the purpose of the system; a description of the system architecture; the security authorization schedule; and the security categorization and associated factors considered in determining the categorization.
Draft
CCI-000577
Defines the frequency with which to review and update the CONOPS.
Draft
PL-7
CCI-000578
Review and update the CONOPS in accordance with organization-defined frequency.
Draft
PL-7
CCI-000579
The organization develops a functional architecture for the information system.
Deprecated
CCI-000580
The organization develops a functional architecture for the information system that identifies and maintains external interfaces.
Draft
CCI-000581
The organization develops a functional architecture for the information system that identifies and maintains the information being exchanged across the interfaces.
Draft
CCI-000582
The organization develops a functional architecture for the information system that identifies and maintains the protection mechanisms associated with each interface.
Draft
CCI-000583
The organization develops a functional architecture for the information system that identifies and maintains user roles.
Draft
CCI-000584
The organization develops a functional architecture for the information system that identifies and maintains the access privileges assigned to each role.
Draft
CCI-000585
The organization develops a functional architecture for the information system that identifies and maintains unique security requirements.
Draft
CCI-000586
The organization develops a functional architecture for the information system that identifies and maintains types of information processed by the information system.
Draft
CCI-000587
The organization develops a functional architecture for the information system that identifies and maintains types of information stored by the information system.
Draft
CCI-000588
The organization develops a functional architecture for the information system that identifies and maintains types of information transmitted by the information system.
Draft
CCI-000589
The organization develops a functional architecture for the information system that identifies and maintains any specific protection needs in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
Draft
CCI-000590
The organization develops a functional architecture for the information system that identifies and maintains restoration priority of information.
Draft
CCI-000591
The organization develops a functional architecture for the information system that identifies and maintains restoration priority of information system services.
Draft
CCI-000592
Establish the rules that describe their responsibilities and expected behavior, for information and system usage, for individuals requiring access to the system.
Draft
PL-4
CCI-000593
Receive a documented acknowledgement from such individuals, indicating that they have read, understand, and agree to abide by the rules of behavior, before authorizing access to information and the system.
Draft
PL-4
CCI-000594
Include in the rules of behavior, restrictions on the use of social media, social networking sites, and external sites/applications.
Draft
PL-4(1)
CCI-000595
Include in the rules of behavior, restrictions on posting organizational information on public websites.
Draft
PL-4(1)
CCI-000596
The organization includes in the rules of behavior, explicit restrictions on sharing information system account information.
Draft
CCI-000597
The organization conducts a privacy impact assessment on the information system in accordance with OMB policy.
Draft
CCI-000598
The organization plans and coordinates security-related activities affecting the information system before conducting such activities in order to reduce the impact on organizational operations (i.e., mission, functions, image, and reputation).
Draft
CCI-000599
The organization plans and coordinates security-related activities affecting the information system before conducting such activities in order to reduce the impact on organizational assets.
Draft
CCI-000600
The organization plans and coordinates security-related activities affecting the information system before conducting such activities in order to reduce the impact on organizational individuals.
Draft
Prev
1...
16
17
18
19
20
21
22
23
24
...172
Next