Navigate

SC-42 (1)

SC-42 (1): Reporting To Authorized Individuals Or Roles

The organization ensures that the information system is configured so that data or information collected by the [Assignment: organization-defined sensors] is only reported to authorized individuals or roles.

Supplemental

In situations where sensors are activated by authorized individuals (e.g., end users), it is still possible that the data/information collected by the sensors will be sent to unauthorized entities.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to SC-42 (1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SC-42 (1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SC-42 (1).

CCI	Definition
CCI-002551	The organization defines the sensors to be configured so that collected data or information is reported only to authorized individuals or roles.
CCI-002552	The organization ensures that the information system is configured so that data or information collected by the organization-defined sensors is only reported to authorized individuals or roles.