The organization defines the individuals or information systems to be the only recipients of organization-defined information, information system components, or devices, by employing organization-defined security safeguards.
No STIG checks reference this CCI.