Skip to content
ATO Pathways
  Log In

CCI: Control Correlation Identifier

The Control Correlation Identifier (CCI) provides a standard identifier and description for each of the singular, actionable statements that comprise an IA control or IA best practice. CCI bridges the gap between high-level policy expressions and low-level technical implementations. CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting(s) that must be assessed to determine compliance with the objectives of that specific security control. This ability to trace security requirements from their origin (e.g., regulations, IA frameworks) to their low-level implementation allows organizations to readily demonstrate compliance to multiple IA compliance frameworks. CCI also provides a means to objectively rollup and compare related compliance assessment results across disparate technologies.

Scheme
public.cyber.mil /stigs/cci/
Published by
DoD Cyber Exchange (sponsored by DISA: Defense Information Systems Agency)

  • CCI-004910

    Provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
    Show

  • CCI-004911

    Defines the safeguards for providing protected storage for cryptographic keys.
    Show

  • CCI-004912

    Partition privileged functions into separate physical domains.
    Show

  • CCI-004913

    Takes organization-defined actions in response to identified faults, errors, or compromises.
    Show

  • CCI-004914

    Defines actions to take in response to identified faults, errors, or compromises.
    Show

  • CCI-004915

    Synchronize the organization-defined duplicate systems or system components.
    Show

  • CCI-004916

    Defines the duplicate systems or system components to be synchronized.
    Show

  • CCI-004917

    Defines sensors to facilitate an individual's awareness that personally identifiable information is being collected.
    Show

  • CCI-004918

    Defines measures to facility an individual's awareness that personally identifiable information is being collected.
    Show

  • CCI-004919

    Employ organization-defined measures to facilitate an individual's awareness that personally identifiable information is being collected by organiz...
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules