An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
31/172
)
CCIs
Number
Definition
Status
Related
CCI-000901
The organization defines a list of security-critical information system components and/or key information technology components for which it will obtain maintenance support and/or spare parts.
Draft
CCI-000902
The organization defines a time period for obtaining maintenance support and/or spare parts for security-critical information system components and/or key information technology components.
Draft
CCI-000903
Obtain maintenance support and/or spare parts for organization-defined system components within an organization-defined time period of failure.
Draft
MA-6
CCI-000904
Develop and document an organization-level; mission/business process-level; and/or system-level physical and environmental protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
PE-1
CCI-000905
Disseminate a physical and environmental protection policy to organization-defined personnel or roles.
Draft
PE-1
CCI-000906
Review and update the current physical and environmental protection policy in accordance with organization-defined frequency.
Draft
PE-1
CCI-000907
Defines the frequency with which to review and update the physical and environmental protection policy.
Draft
PE-1
CCI-000908
Develop and document procedures to facilitate the implementation of the physical and environmental protection policy and associated physical and environmental protection controls.
Draft
PE-1
CCI-000909
Disseminate physical and environmental protection procedures to organization-defined personnel or roles.
Draft
PE-1
CCI-000910
Review and update the current physical and environmental protection procedures in accordance with organization-defined frequency.
Draft
PE-1
CCI-000911
Defines the frequency with which to review and update the physical and environmental protection procedures.
Draft
PE-1
CCI-000912
Develop a list of individuals with authorized access to the facility where the system resides.
Draft
PE-2
CCI-000913
Issue authorization credentials for facility access.
Draft
PE-2
CCI-000914
Review the access list detailing authorized facility access by individuals in accordance with organization-defined frequency.
Draft
PE-2
CCI-000915
Defines the frequency with which to review the access list detailing authorized facility access by individuals.
Draft
PE-2
CCI-000916
Authorize physical access to the facility where the system resides based on position or role.
Draft
PE-2(1)
CCI-000917
Require two forms of identification from an organization-defined list of acceptable forms of identification for visitor access to the facility where the system resides.
Draft
PE-2(2)
CCI-000918
The organization restricts physical access to the facility containing an information system that processes classified information to authorized personnel with appropriate clearances and access authorizations.
Draft
CCI-000919
The organization enforces physical access authorizations at organization-defined entry/exit points to the facility where the information system resides.
Draft
PE-3
CCI-000920
Verify individual access authorizations before granting access to the facility.
Draft
PE-3
CCI-000921
The organization controls ingress/egress to the facility where the information system resides using one or more organization-defined physical access control systems/devices or guards.
Draft
PE-3
CCI-000922
The organization controls access to areas officially designated as publicly accessible in accordance with the organization's assessment of risk.
Draft
CCI-000923
Secure keys, combinations, and other physical access devices.
Draft
PE-3
CCI-000924
Inventory organization-defined physical access devices on an organization-defined frequency.
Draft
PE-3
CCI-000925
Defines the frequency for conducting inventories of organization-defined physical access devices.
Draft
PE-3
CCI-000926
Change combinations and keys in accordance with organization-defined frequency and/or when keys are lost, combinations are compromised, or when individuals possessing the keys or combinations are transferred or terminated.
Draft
PE-3
CCI-000927
Defines a frequency for changing combinations and keys.
Draft
PE-3
CCI-000928
Enforce physical access authorizations to the system in addition to the physical access controls for the facility where the system resides at organization-defined physical spaces containing one or more components of the system.
Draft
PE-3(1)
CCI-000929
Perform security checks in accordance with organization-defined frequency at the physical boundary of the facility or system for unauthorized exfiltration of information or removal of system components.
Draft
PE-3(2)
CCI-000930
Employ guards to control every physical access point to the facility where the system resides 24 hours per day, 7 days per week.
Draft
PE-3(3)
Prev
1...
27
28
29
30
31
32
33
34
35
...172
Next