An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
24/172
)
CCIs
Number
Definition
Status
Related
CCI-000691
The organization requires information system integrators to manage and control changes to the information system during design.
Draft
CCI-000692
Require the developer of the system, system component, or system service to implement only organization-approved changes to the system, component, or service.
Draft
SA-10
CCI-000693
The organization requires information system integrators to implement only organization-approved changes.
Draft
CCI-000694
Require the developer of the system, system component, or system service to document approved changes to the system, component, or service.
Draft
SA-10
CCI-000695
The organization requires information system integrators to document approved changes to the information system.
Draft
CCI-000696
The organization requires that information system developers track security flaws and flaw resolution.
Draft
CCI-000697
The organization requires information system integrators to track security flaws and flaw resolution.
Draft
CCI-000698
Require the developer of the system, system component, or system service to enable integrity verification of software and firmware components.
Draft
SA-10(1)
CCI-000699
The organization requires information system integrators to provide an integrity check of software to facilitate organizational verification of software integrity after delivery.
Draft
CCI-000700
Provide an alternate configuration management process using organizational personnel in the absence of a dedicated developer configuration management team.
Draft
SA-10(2)
CCI-000701
The organization provides an alternative configuration management process with organizational personnel in the absence of a dedicated integrator configuration management team.
Draft
CCI-000702
The organization requires information system developers, in consultation with associated security personnel (including security engineers), to create a security test and evaluation plan.
Draft
CCI-000703
The organization requires information system developers, in consultation with associated security personnel (including security engineers), to implement a security test and evaluation plan.
Draft
CCI-000704
The organization requires information system integrators, in consultation with associated security personnel (including security engineers), to create a security test and evaluation plan.
Draft
CCI-000705
The organization requires information system integrators, in consultation with associated security personnel (including security engineers), to implement a security test and evaluation plan.
Draft
CCI-000706
The organization requires information system developers, in consultation with associated security personnel (including security engineers), to implement a verifiable flaw remediation process to correct weaknesses and deficiencies identified during the security testing and evaluation process.
Draft
CCI-000707
The organization requires information system integrators, in consultation with associated security personnel (including security engineers), to implement a verifiable flaw remediation process to correct weaknesses and deficiencies identified during the security testing and evaluation process.
Draft
CCI-000708
The organization requires information system developers, in consultation with associated security personnel (including security engineers), to document the results of the security testing/evaluation processes.
Draft
CCI-000709
The organization requires information system developers, in consultation with associated security personnel (including security engineers), to document the results of the security flaw remediation processes.
Draft
CCI-000710
The organization requires information system integrators, in consultation with associated security personnel (including security engineers), to document the results of the security testing/evaluation processes.
Draft
CCI-000711
The organization requires information system integrators, in consultation with associated security personnel (including security engineers), to document the results of the security flaw remediation processes.
Draft
CCI-000712
The organization requires information system developers to employ code analysis tools to examine software for common flaws and document the results of the analysis.
Draft
CCI-000713
The organization requires information system integrators to employ code analysis tools to examine software for common flaws and document the results of the analysis.
Draft
CCI-000714
The organization requires information system developers to perform a vulnerability analysis to document vulnerabilities.
Draft
CCI-000715
The organization requires information system developers to perform a vulnerability analysis to document exploitation potential.
Draft
CCI-000716
The organization requires information system developers to perform a vulnerability analysis to document risk mitigations.
Draft
CCI-000717
The organization requires information system integrators to perform a vulnerability analysis to document vulnerabilities.
Draft
CCI-000718
The organization requires information system integrators to perform a vulnerability analysis to document exploitation potential.
Draft
CCI-000719
The organization requires information system integrators perform a vulnerability analysis to document risk mitigations.
Draft
CCI-000720
The organization requires information system developers implement the security test and evaluation plan under the witness of an independent verification and validation agent.
Draft
Prev
1...
20
21
22
23
24
25
26
27
28
...172
Next