An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
60/172
)
CCIs
Number
Definition
Status
Related
CCI-001801
Implement a configuration management plan for the system that protects the configuration management plan from unauthorized disclosure and modification.
Draft
CM-9
CCI-001802
Track the use of software documentation protected by quantity licenses to control copying of the software documentation.
Draft
CM-10
CCI-001803
Track the use of software protected by quantity licenses to control distribution of the software.
Draft
CM-10
CCI-001804
Defines the policies for governing the installation of software by users.
Draft
CM-11
CCI-001805
Establish organization-defined policies governing the installation of software by users.
Draft
CM-11
CCI-001806
Defines methods to be employed to enforce the software installation policies.
Draft
CM-11
CCI-001807
Enforce software installation policies through organization-defined methods.
Draft
CM-11
CCI-001808
Defines the frequency on which it will monitor software installation policy compliance.
Draft
CM-11
CCI-001809
Monitor software installation policy compliance per an organization-defined frequency.
Draft
CM-11
CCI-001810
The organization defines the personnel or roles to be notified when unauthorized software is detected.
Draft
CM-11(1)
CCI-001811
The information system alerts organization-defined personnel or roles when the unauthorized installation of software is detected.
Draft
CM-11(1)
CCI-001812
The information system prohibits user installation of software without explicit privileged status.
Draft
CM-11(2)
CCI-001813
Enforce access restrictions using organization-defined mechanisms.
Draft
CM-5(1)
CCI-001814
The Information system supports auditing of the enforcement actions.
Draft
CM-5(1)
CCI-001815
Defines the controls to be applied to devices when individuals return from areas of significant risk.
Draft
CM-2(7)
CCI-001816
Apply organization-defined controls to the systems or components when the individuals return from travel.
Draft
CM-2(7)
CCI-001817
When analyzing changes to the system, looks for privacy impacts due to flaws, weaknesses, incompatibility, or intentional malice.
Draft
CM-4(1)
CCI-001818
Analyze changes to the system in a separate test environment before installation in an operational environment.
Draft
CM-4(1)
CCI-001819
Implement approved configuration-controlled changes to the system.
Draft
CM-3
CCI-001820
The organization documents a configuration management policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
Deprecated
CM-1
CCI-001821
Defines the organizational personnel or roles to whom the organization-level; mission/business process-level; and/or system-level configuration management policy is to be disseminated.
Draft
CM-1
CCI-001822
Disseminate the organization-level; mission/business process-level; and/or system-level configuration management policy to organization-defined personnel or roles.
Draft
CM-1
CCI-001823
The organization documents the procedures to facilitate the implementation of the configuration management policy and associated configuration management controls.
Deprecated
CM-1
CCI-001824
Defines the organizational personnel or roles to whom the organization-level; mission/business process-level; and/or system-level configuration management procedures are to be disseminated.
Draft
CM-1
CCI-001825
Disseminate to organization-defined personnel or roles the procedures to facilitate the implementation of the organization-level; mission/business process-level; and/or system-level configuration management policy and associated configuration management controls.
Draft
CM-1
CCI-001826
The organization defines the circumstances upon which the organization reviews the information system changes to determine whether unauthorized changes have occurred.
Draft
CM-5(2)
CCI-001827
The organization defines the frequency with which to review information system privileges.
Draft
CM-5(5)
CCI-001828
The organization defines the frequency with which to reevaluate information system privileges.
Draft
CM-5(5)
CCI-001829
The organization reviews information system privileges per an organization-defined frequency.
Draft
CM-5(5)
CCI-001830
The organization reevaluates information system privileges per an organization-defined frequency.
Draft
CM-5(5)
Prev
1...
56
57
58
59
60
61
62
63
64
...172
Next