An error occurred:

CCIs

Number Definition Status Related
CCI-000721 The organization requires information system integrators to implement the security test and evaluation plan under the witness of an independent verification and validation agent. Draft
CCI-000722 The organization defines the security safeguards to employ to protect against supply chain threats to the information system, system component, or information system service. Draft SA-12
CCI-000723 The organization protects against supply chain threats to the information system, system component, or information system service by employing organization-defined security safeguards as part of a comprehensive, defense-in-breadth information security strategy. Draft SA-12
CCI-000724 The organization purchases all anticipated information system components and spares in the initial acquisition. Draft
CCI-000725 The organization conducts a due diligence review of suppliers prior to entering into contractual agreements to acquire information system hardware. Draft
CCI-000726 The organization conducts a due diligence review of suppliers prior to entering into contractual agreements to acquire information system software. Draft
CCI-000727 The organization conducts a due diligence review of suppliers prior to entering into contractual agreements to acquire information system firmware. Draft
CCI-000728 The organization conducts a due diligence review of suppliers prior to entering into contractual agreements to acquire information system services. Draft
CCI-000729 The organization uses trusted shipping for information systems. Draft
CCI-000730 The organization uses trusted shipping for information system components. Draft
CCI-000731 The organization uses trusted shipping for information technology products. Draft
CCI-000732 The organization uses trusted warehousing for information systems. Draft
CCI-000733 The organization uses trusted warehousing for information system components. Draft
CCI-000734 The organization uses trusted warehousing for information technology products. Draft
CCI-000735 The organization employs a diverse set of suppliers for information systems. Draft
CCI-000736 The organization employs a diverse set of suppliers for information system components. Draft
CCI-000737 The organization employs a diverse set of suppliers for information technology products. Draft
CCI-000738 The organization employs a diverse set of suppliers for information system services. Draft
CCI-000739 The organization employs standard configurations for information systems. Draft
CCI-000740 The organization employs standard configurations for information system components. Draft
CCI-000741 The organization employs standard configurations for information technology products. Draft
CCI-000742 The organization minimizes the time between purchase decisions and delivery of information systems. Draft
CCI-000743 The organization minimizes the time between purchase decisions and delivery of information system components. Draft
CCI-000744 The organization minimizes the time between purchase decisions and delivery of information technology products. Draft
CCI-000745 The organization employs independent analysis and penetration testing against delivered information systems. Draft
CCI-000746 The organization employs independent analysis and penetration testing against delivered information system components. Draft
CCI-000747 The organization employs independent analysis and penetration testing against delivered information technology products. Draft
CCI-000748 The organization defines level of trustworthiness for the information system. Draft
CCI-000749 The organization requires that the information system meets the organization-defined level of trustworthiness. Draft
CCI-000750 The organization defines the list of critical information system components that require re-implementation. Draft