Navigate

SC-3(2)

SC-3(2): Access / Flow Control Functions

The information system isolates security functions enforcing access and information flow control from nonsecurity functions and from other security functions.

Supplemental

Security function isolation occurs as a result of implementation; the functions can still be scanned and monitored. Security functions that are potentially isolated from access and flow control enforcement functions include, for example, auditing, intrusion detection, and anti-virus functions.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to SC-3(2).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SC-3(2).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SC-3(2).

CCI	Definition
CCI-001086	Isolate security functions enforcing access and information flow control from both nonsecurity functions and from other security functions.