Develop and document organization-level; mission/business process-level; and/or system level personally identifiable information processing and transparency policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.
No STIG checks reference this CCI.