An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
57/172
)
CCIs
Number
Definition
Status
Related
CCI-001681
The organization defines the frequency at which each form of security control assessment should be conducted.
Deprecated
CA-2(2)
CCI-001682
Automatically remove or disable emergency accounts after an organization-defined time period for each type of account.
Draft
AC-2(2)
CCI-001683
The information system notifies organization-defined personnel or roles for account creation actions.
Draft
AC-2(4)
CCI-001684
The information system notifies organization-defined personnel or roles for account modification actions.
Draft
AC-2(4)
CCI-001685
The information system notifies organization-defined personnel or roles for account disabling actions.
Draft
AC-2(4)
CCI-001686
The information system notifies organization-defined personnel or roles for account removal actions.
Draft
AC-2(4)
CCI-001687
Verify that the use of mobile code deployed in system meets organization-defined mobile code requirements.
Draft
SC-18(2)
CCI-001688
Verify the acquisition of mobile code deployed in the system meets organization-defined mobile code requirements.
Draft
SC-18(2)
CCI-001689
The organization, if an information system component failure is detected, automatically shuts down the information system.
Draft
CCI-001690
The organization protects, as required, vendor/manufacturer documentation that describes the security-relevant external interfaces to the information system.
Draft
CCI-001691
The organization makes available to authorized personnel vendor/manufacturer documentation that describes the security-relevant external interfaces to the information system with sufficient detail to permit analysis and testing.
Draft
CCI-001692
The organization makes available to authorized personnel vendor/manufacturer documentation that describes the low-level design of the information system in terms of modules and implementation details of the security controls employed within the system with sufficient detail to permit analysis and testing.
Draft
CCI-001693
The information system enforces a Discretionary Access Control (DAC) policy that limits propagation of access rights.
Draft
CCI-001694
The information system enforces a Discretionary Access Control (DAC) policy that includes or excludes access to the granularity of a single user.
Draft
CCI-001695
Prevent the execution of organization-defined unacceptable mobile code.
Draft
SC-18(3)
CCI-001726
Use software in accordance with contract agreements.
Draft
CM-10
CCI-001727
Use software documentation in accordance with contract agreements.
Draft
CM-10
CCI-001728
Use software in accordance with copyright laws.
Draft
CM-10
CCI-001729
Use software documentation in accordance with copyright laws.
Draft
CM-10
CCI-001730
Track the use of software protected by quantity licenses to control copying of the software.
Draft
CM-10
CCI-001731
Track the use of software documentation protected by quantity licenses to control distribution of the software documentation.
Draft
CM-10
CCI-001732
Control the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.
Draft
CM-10
CCI-001733
Document the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.
Draft
CM-10
CCI-001734
Defines the restrictions to be followed on the use of open source software.
Draft
CM-10(1)
CCI-001735
Establish organization-defined restrictions on the use of open source software.
Draft
CM-10(1)
CCI-001736
Defines the number of previous versions of the baseline configuration of the system required to support rollback.
Draft
CM-2(3)
CCI-001737
Defines the systems or system components that are to have organization-defined configurations applied when located in areas of significant risk.
Draft
CM-2(7)
CCI-001738
Defines the configurations to be implemented on systems and system components when they are located in areas of significant risk.
Draft
CM-2(7)
CCI-001739
Issue organization-defined systems or system components with organization-defined configurations to individuals traveling to locations the organization deems to be of significant risk.
Draft
CM-2(7)
CCI-001740
Review proposed configuration-controlled changes to the system.
Draft
CM-3
Prev
1...
53
54
55
56
57
58
59
60
61
...172
Next