CCI: Control Correlation Identifier
The Control Correlation Identifier (CCI) provides a standard identifier and description for each of the singular, actionable statements that comprise an IA control or IA best practice. CCI bridges the gap between high-level policy expressions and low-level technical implementations. CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting(s) that must be assessed to determine compliance with the objectives of that specific security control. This ability to trace security requirements from their origin (e.g., regulations, IA frameworks) to their low-level implementation allows organizations to readily demonstrate compliance to multiple IA compliance frameworks. CCI also provides a means to objectively rollup and compare related compliance assessment results across disparate technologies.
-
CCI-005020
Correct or delete inaccurate or outdated personally identifiable information. -
CCI-005021
Correct or delete personally identifiable information that is inaccurate or outdated, incorrectly determined regarding impact, or incorrectly de-id... -
CCI-005022
Defines the automated mechanisms for identifying inaccurate or outdated, incorrectly determined regarding impact, or incorrectly de-identified pers... -
CCI-005023
Employ data tags to automate the correction or deletion of personally identifiable information across the information life cycle within organizatio... -
CCI-005024
Collect personally identifiable information directly from the individual. -
CCI-005025
Correct or delete personally identifiable information upon request by individuals or their designated representatives. -
CCI-005026
Notify organization-defined recipients of personally identifiable information that the personally identifiable information has been corrected or de... -
CCI-005027
Defines the recipients of personally identifiable information who are to be notified when the personally identifiable information is corrected or d... -
CCI-005028
Notify individuals that the personally identifiable information has been corrected or deleted. -
CCI-005029
Remove the following elements of personally identifiable information from datasets.
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.