If the application contains classified data, a Security Classification Guide must exist containing data elements and their classification.

An XCCDF Rule

Details
Profiles

Description

Without a classification guide the marking, storage, and output media of classified material can be inadvertently mixed with unclassified material, leading to its possible loss or compromise.

ID: SV-222664r1051277_rule
Version: APSC-DV-003290
Severity: Medium
References: CCI-003124
Updated: about 2 months ago

Remediation Templates

Create and maintain a security classification guide.

If the application contains classified data, a Security Classification Guide must exist containing data elements and their classification.

Description

Remediation Templates

A Manual Procedure