Skip to content
ATO Pathways
  Log In

CCI: Control Correlation Identifier

The Control Correlation Identifier (CCI) provides a standard identifier and description for each of the singular, actionable statements that comprise an IA control or IA best practice. CCI bridges the gap between high-level policy expressions and low-level technical implementations. CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting(s) that must be assessed to determine compliance with the objectives of that specific security control. This ability to trace security requirements from their origin (e.g., regulations, IA frameworks) to their low-level implementation allows organizations to readily demonstrate compliance to multiple IA compliance frameworks. CCI also provides a means to objectively rollup and compare related compliance assessment results across disparate technologies.

Scheme
public.cyber.mil /stigs/cci/
Published by
DoD Cyber Exchange (sponsored by DISA: Defense Information Systems Agency)

  • CCI-004920

    Defines sensors that are configured to minimize the collection of information about individuals that is not needed.
    Show

  • CCI-004921

    Employ organization-defined sensors that are configured to minimize the collection of information about individuals that is not needed.
    Show

  • CCI-004922

    Synchronize system clocks within and between systems or system components.
    Show

  • CCI-004923

    Compare the internal system clocks on an organization-defined frequency with organization-defined authoritative time source.
    Show

  • CCI-004924

    Defines the frequency for comparing the internal system clocks with organization-defined authoritative time source.
    Show

  • CCI-004925

    Defines the time source used for comparing the internal system clocks.
    Show

  • CCI-004926

    Synchronize the internal system clocks to the authoritative time source when the time difference is greater than organization-defined time period.
    Show

  • CCI-004927

    Defines the time period for synchronizing the internal system clocks to the authoritative time source.
    Show

  • CCI-004928

    Identify a secondary authoritative time source that is in a different geographic region than the primary authoritative time source.
    Show

  • CCI-004929

    Synchronize the internal system clocks to the secondary authoritative time source if the primary authoritative time source is unavailable.
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules