STIGhub
STIGs
RMF Controls
Compare
← All Controls
AR-2
Accountability, Audit, and Risk Management
Rev 4
Privacy Impact and Risk Assessment
CCI Identifiers (9)
CCI-003417
The organization documents a privacy risk management process which assesses the privacy risk to individuals.
CCI-003418
The organization implements a privacy risk management process which assesses the privacy risk to individuals.
CCI-003419
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the collection of personally identifiable information (PII).
CCI-003420
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the sharing of personally identifiable information (PII).
CCI-003421
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the storing of personally identifiable information (PII).
CCI-003422
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the transmitting of personally identifiable information (PII).
CCI-003423
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the use of personally identifiable information (PII).
CCI-003424
The organization's privacy risk management process assesses the privacy risk to individuals resulting from the disposal of personally identifiable information (PII).
CCI-003425
The organization conducts Privacy Impact Assessments (PIAs) for information systems, programs, or other activities that pose a privacy risk in accordance with applicable law, OMB policy, or any existing organizational policies and procedures.
Linked STIG Checks (0)
No STIG checks reference this control.