The information system enforces the use of human reviews for [organization-defined information flows] under the following conditions: [organization-defined conditions].
Supplemental
Organizations define security policy filters for all situations where automated flow control decisions are possible. When a fully automated flow control decision is not possible, then a human review may be employed in lieu of, or as a complement to, automated security policy filtering. Human reviews may also be employed as deemed necessary by organizations.