An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: bugfix-XSS-85-d5bffe - rmfrev4
Open sidebar
Navigate
Top
Search
CCIs (
5137
)
Pages (
63/172
)
CCIs
Number
Definition
Status
Related
CCI-001891
The information system compares internal information system clocks on an organization-defined frequency with an organization-defined authoritative time source.
Draft
AU-8(1)
CCI-001892
The organization defines the time difference which, when exceeded, will require the information system to synchronize the internal information system clocks to the organization-defined authoritative time source.
Draft
AU-8(1)
CCI-001893
The information system identifies a secondary authoritative time source that is located in a different geographic region than the primary authoritative time source.
Draft
AU-8(2)
CCI-001894
Defines the subset of privileged users who will be authorized access to the management of audit functionality.
Draft
AU-9(4)
CCI-001895
Defines the audit information requiring dual authorization for movement or deletion actions.
Draft
AU-9(5)
CCI-001896
Enforce dual authorization for movement and/or deletion of organization-defined audit information.
Draft
AU-9(5)
CCI-001897
Defines the subset of privileged users or roles who will be authorized read-only access to audit information.
Draft
AU-9(6)
CCI-001898
Authorize read-only access to audit information to an organization-defined subset of privileged users or roles.
Draft
AU-9(6)
CCI-001899
Defines the actions to be covered by non-repudiation.
Draft
AU-10
CCI-001900
Defines the strength of binding to be applied to the binding of the identity of the information producer with the information.
Draft
AU-10(1)
CCI-001901
Bind the identity of the information producer with the information to an organization-defined strength of binding.
Draft
AU-10(1)
CCI-001902
Provide the means for authorized individuals to determine the identity of the producer of the information.
Draft
AU-10(1)
CCI-001903
Defines the frequency on which the system is to validate the binding of the information producer identity to the information.
Draft
AU-10(2)
CCI-001904
Validate the binding of the information producer identity to the information at an organization-defined frequency.
Draft
AU-10(2)
CCI-001905
Defines the actions to be performed in the event of an error when validating the binding of the information producer identity to the information.
Draft
AU-10(2)
CCI-001906
Perform organization-defined actions in the event of an error when validating the binding of the information producer identity to the information.
Draft
AU-10(2)
CCI-001907
Defines the security domains which will require the system validate the binding of the information reviewer identity to the information at the transfer or release points prior to release/transfer.
Draft
AU-10(4)
CCI-001908
Defines the action the system is to perform in the event of an information reviewer identity binding validation error.
Draft
AU-10(4)
CCI-001909
Perform organization-defined actions in the event of an information reviewer identity binding validation error.
Draft
AU-10(4)
CCI-001910
Defines the personnel or roles allowed to select which event types are to be logged by specific components of the system.
Draft
AU-12
CCI-001911
Defines the selectable event criteria to be used as the basis for changes to the auditing to be performed on organization-defined system components, by organization-defined individuals or roles, within organization-defined time thresholds.
Draft
AU-12(3)
CCI-001912
Defines the time thresholds for organization-defined individuals or roles to change the auditing to be performed based on organization-defined selectable event criteria.
Draft
AU-12(3)
CCI-001913
Defines the individuals or roles that are to be provided the capability to change the auditing to be performed based on organization-defined selectable event criteria, within organization-defined time thresholds.
Draft
AU-12(3)
CCI-001914
Provide the capability for organization-defined individuals or roles to change the logging to be performed on organization-defined system components based on organization-defined selectable event criteria within organization-defined time thresholds.
Draft
AU-12(3)
CCI-001915
Defines the open source information and/or information sites to be monitored for evidence of unauthorized exfiltration or disclosure of organizational information.
Draft
AU-13
CCI-001916
The organization employs automated mechanisms to determine if organizational information has been disclosed in an unauthorized manner.
Draft
AU-13(1)
CCI-001917
Defines the frequency for reviewing the open source information sites being monitored.
Draft
AU-13(2)
CCI-001918
Review the open source information sites being monitored per organization-defined frequency.
Draft
AU-13(2)
CCI-001919
Provide the capability for organization-defined users or roles to select a user session to record; view; hear; or log the content of a user session under organization-defined circumstances.
Draft
AU-14
CCI-001920
Provide the capability for authorized users to remotely view and hear content related to an established user session in real time.
Draft
AU-14(3)
Prev
1...
59
60
61
62
63
64
65
66
67
...172
Next