Skip to content
ATO Pathways
  Log In

CCI: Control Correlation Identifier

The Control Correlation Identifier (CCI) provides a standard identifier and description for each of the singular, actionable statements that comprise an IA control or IA best practice. CCI bridges the gap between high-level policy expressions and low-level technical implementations. CCI allows a security requirement that is expressed in a high-level policy framework to be decomposed and explicitly associated with the low-level security setting(s) that must be assessed to determine compliance with the objectives of that specific security control. This ability to trace security requirements from their origin (e.g., regulations, IA frameworks) to their low-level implementation allows organizations to readily demonstrate compliance to multiple IA compliance frameworks. CCI also provides a means to objectively rollup and compare related compliance assessment results across disparate technologies.

Scheme
public.cyber.mil /stigs/cci/
Published by
DoD Cyber Exchange (sponsored by DISA: Defense Information Systems Agency)

  • CCI-005130

    Defines the indications of need for inspection for detecting tampering.
    Show

  • CCI-005131

    Defines the system or system components which will be inspected at random, at organization-defined frequency, and/or upon organization-defined indi...
    Show

  • CCI-005132

    Develop and document anti-counterfeit policy that include the means to detect and prevent counterfeit components from entering the system.
    Show

  • CCI-005133

    Develop and document anti-counterfeit procedures that include the means to detect and prevent counterfeit components from entering the system.
    Show

  • CCI-005134

    Report counterfeit system components to source of counterfeit component, organization-defined external reporting organizations, and/or organization...
    Show

  • CCI-005135

    Defines the external reporting organizations who report counterfeit system components.
    Show

  • CCI-005136

    Defines the personnel or roles who report counterfeit system components.
    Show

  • CCI-005137

    Train organization-defined personnel or roles to detect counterfeit system components including hardware, software, and firmware.
    Show

  • CCI-005138

    Defines the personnel or roles who are trained to detect counterfeit system components (including hardware, software, and firmware).
    Show

  • CCI-005139

    Maintain configuration control over the following system components awaiting service or repair.
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules