An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
23/172
)
CCIs
Number
Definition
Status
Related
CCI-000661
The organization provides exceptions to the source code requirement only when no alternative solutions are available to support compelling mission/operational requirements.
Draft
CCI-000662
The organization obtains express written consent of the authorizing official for exceptions to the source code requirement.
Draft
CCI-000663
The organization (or information system) enforces explicit rules governing the installation of software by users.
Draft
CCI-000664
Apply organization-defined systems security and privacy engineering principles in the specification of the system and system components.
Draft
SA-8
CCI-000665
Apply organization-defined systems security and privacy engineering principles in the design of the system and system components.
Draft
SA-8
CCI-000666
Apply organization-defined systems security and privacy engineering principles in the development of the system and system components.
Draft
SA-8
CCI-000667
Apply organization-defined systems security and privacy engineering principles in the implementation of the system and system components.
Draft
SA-8
CCI-000668
Apply organization-defined systems security and privacy engineering principles in the modification of the system and system components.
Draft
SA-8
CCI-000669
Require that providers of external system services comply with organizational security requirements.
Draft
SA-9
CCI-000670
The organization requires that providers of external information system services employ organization-defined security controls in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
Draft
SA-9
CCI-000671
The organization defines government oversight with regard to external information system services.
Draft
SA-9
CCI-000672
The organization documents government oversight with regard to external information system services.
Draft
SA-9
CCI-000673
The organization defines user roles and responsibilities with regard to external information system services.
Draft
SA-9
CCI-000674
The organization documents user roles and responsibilities with regard to external information system services.
Draft
SA-9
CCI-000675
The organization monitors security control compliance by external service providers.
Draft
CCI-000676
The organization conducts an organizational assessment of risk prior to the acquisition of dedicated information security services.
Draft
CCI-000677
The organization conducts an organizational assessment of risk prior to the outsourcing of dedicated information security services.
Draft
CCI-000678
The organization defines the senior organizational official designated to approve acquisition of dedicated information security services.
Draft
CCI-000679
The organization defines the senior organizational official designated to approve outsourcing of dedicated information security services.
Draft
CCI-000680
The organization ensures the acquisition of dedicated information security services is approved by an organization-designated senior organizational official.
Draft
CCI-000681
The organization ensures the outsourcing of dedicated information security services is approved by an organization-designated senior organizational official.
Draft
CCI-000682
The organization requires information system developers to perform configuration management during information system design.
Draft
CCI-000683
The organization requires information system developers to perform configuration management during information system development.
Draft
CCI-000684
The organization requires information system developers to perform configuration management during information system implementation.
Draft
CCI-000685
The organization requires information system developers to perform configuration management during information system operation.
Draft
CCI-000686
The organization requires information system integrators to perform configuration management during information system design.
Draft
CCI-000687
The organization requires information system integrators to perform configuration management during information system development.
Draft
CCI-000688
The organization requires information system integrators to perform configuration management during information system implementation.
Draft
CCI-000689
The organization requires information system integrators to perform configuration management during information system operation.
Draft
CCI-000690
The organization requires information system developers to manage and control changes to the information system during design.
Draft
Prev
1...
19
20
21
22
23
24
25
26
27
...172
Next