An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
51/172
)
CCIs
Number
Definition
Status
Related
CCI-001501
The organization defines safeguards and countermeasures to be employed by the information system if security functions (or mechanisms) are changed inappropriately.
Draft
CCI-001502
The organization monitors changes to the configuration settings in accordance with organizational policies and procedures.
Draft
CM-6
CCI-001503
The organization controls changes to the configuration settings in accordance with organizational policies and procedures.
Draft
CM-6
CCI-001504
Develop and document an organization-level; mission/business process-level; and/or system-level personnel security policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Draft
PS-1
CCI-001505
Disseminate an organization-level; mission/business process-level; and/or system-level personnel security policy to organization-defined personnel or roles.
Draft
PS-1
CCI-001506
Review and update the current personnel security policy in accordance with organization-defined frequency.
Draft
PS-1
CCI-001507
Defines the frequency with which to review and update the current personnel security policy.
Draft
PS-1
CCI-001508
Defines the frequency with which to review and update the current personnel security procedures.
Draft
PS-1
CCI-001509
Develop and document procedures to facilitate the implementation of the personnel security policy and associated personnel security controls.
Draft
PS-1
CCI-001510
Disseminate personnel security procedures to organization-defined personnel or roles.
Draft
PS-1
CCI-001511
Review and update the current personnel security procedures in accordance with organization-defined frequency.
Draft
PS-1
CCI-001512
Assign a risk designation to all organizational positions.
Draft
PS-2
CCI-001513
Establish screening criteria for individuals filling organizational positions.
Draft
PS-2
CCI-001514
Review and update position risk designations in accordance with organization-defined frequency.
Draft
PS-2
CCI-001515
Defines the frequency with which to review and update position risk designations.
Draft
PS-2
CCI-001516
Screen individuals prior to authorizing access to the system.
Draft
PS-3
CCI-001517
Rescreen individuals with authorized access to the system in accordance with organization-defined conditions requiring rescreening, and where rescreening is so indicated, on the organization-defined frequency of rescreening.
Draft
PS-3
CCI-001518
Defines the conditions requiring rescreening of individuals with authorized access to the system.
Draft
PS-3
CCI-001519
Defines the frequency for rescreening individuals with authorized access to the information system when organization-defined conditions requiring rescreening are met.
Draft
PS-3
CCI-001520
Verify that individuals accessing a system processing, storing, or transmitting classified information are cleared and indoctrinated to the highest classification level of the information to which they have access on the system.
Draft
PS-3(1)
CCI-001521
Verify that individuals accessing a system processing, storing, or transmitting types of classified information which require formal indoctrination, are formally indoctrinated for all of the relevant types of information to which they have access on the system.
Draft
PS-3(2)
CCI-001522
Upon termination of individual employment, disable system access within an organization-defined time period.
Draft
PS-4
CCI-001523
Upon termination of individual employment, conduct exit interviews that include a discussion of organization-defined information security topics.
Draft
PS-4
CCI-001524
Upon termination of individual employment, retrieve all security-related organizational system-related property.
Draft
PS-4
CCI-001525
Upon termination of individual employment, retain access to organizational information formerly controlled by the terminated individual.
Draft
PS-4
CCI-001526
Upon termination of individual employment, retain access to organizational systems formerly controlled by the terminated individual.
Draft
PS-4
CCI-001527
Review and confirm the ongoing operational need for current logical and physical access authorizations to systems and facilities when individuals are reassigned or transferred to other positions within the organization.
Draft
PS-5
CCI-001528
Initiate organization-defined transfer or reassignment actions within an organization-defined time period following the formal personnel transfer action.
Draft
PS-5
CCI-001529
Defines transfer or reassignment actions to initiate within an organization-defined time period following the formal personnel transfer action.
Draft
PS-5
CCI-001530
Defines the time period within which the organization initiates organization-defined transfer or reassignment actions following the formal personnel transfer action.
Draft
PS-5
Prev
1...
47
48
49
50
51
52
53
54
55
...172
Next