Conduct privacy impact assessments for systems, programs, or other activities before initiating a new collection of personally identifiable information that will be processes using information technology.
No STIG checks reference this CCI.