Overview:The organization:a. Develops a security assessment plan that describes the scope of the assessment including:1. Security controls and control enhancements under assessment;2. Assessment procedures to be used to determine security control... Read More
Security Assessment and Authorization (CA)
Overview:The organization:a. Assigns a senior-level executive or manager as the authorizing official for the information system;b. Ensures that the authorizing official authorizes the information system for processing before commencing operations;... Read More
Overview:The organization includes as part of security control assessments, [Assignment: organization- defined frequency], [Selection: announced; unannounced], [Selection (one or more): in-depth monitoring; vulnerability scanning; malicious user... Read More
Overview:The organization:a. Authorizes connections from the information system to other information systems through the use of Interconnection Security Agreements;b. Documents, for each interconnection, the interface characteristics, security... Read More
Overview:The organization prohibits the direct connection of an [Assignment: organization-defined unclassified, non-national security system] to an external network without the use of [Assignment; organization-defined boundary protection device].... Read More
Results 11 - 15 of 15