Skip to content

SI-1: Policy and Procedures

An OSCAL Control

    • events

      events that would require the system and information integrity procedures to be reviewed and updated are defined;

    • personnel or roles

      personnel or roles to whom the system and information integrity policy is to be disseminated is/are defined;

    • personnel or roles

      personnel or roles to whom the system and information integrity procedures are to be disseminated is/are defined;

    • official

      an official to manage the system and information integrity policy and procedures is defined;

    • frequency

      the frequency at which the current system and information integrity policy is reviewed and updated is defined;

    • events

      events that would require the current system and information integrity policy to be reviewed and updated are defined;

    • frequency

      the frequency at which the current system and information integrity procedures are reviewed and updated is defined;