Establish usage restrictions and implementation guidance for organization-defined system components based on the potential to cause damage to the system if used maliciously.
No STIG checks reference this CCI.