STIGhub
STIGs
RMF Controls
Compare
← All Controls
CA-3
Assessment, Authorization, and Monitoring
Rev 4
Information Exchange
CCI Identifiers (10)
CCI-000257
The organization authorizes connections from the information system to other information systems through the use of Interconnection Security Agreements.
CCI-000258
Document, as part of each exchange agreement, the interface characteristics.
CCI-000259
Document, as part of each exchange agreement, the security requirements, controls and responsibilities for each system, and the impact level of the information communicated.
CCI-000260
The organization documents, for each interconnection, the nature of the information communicated.
CCI-000261
The organization monitors the information system connections on an ongoing basis to verify enforcement of security requirements.
CCI-001580
The organization identifies connections to external information systems (i.e., information systems outside of the authorization boundary).
CCI-002083
Review and update the agreements on an organization-defined frequency.
CCI-002084
Defines the frequency at which reviews and updates to the agreements must be conducted.
CCI-003862
Approve and manage the exchange of information between the system and other systems using interconnection security agreements; information exchange security agreements; memoranda of understanding or agreement; service level agreements; user agreement; and/or nondisclosure agreements with an organization-defined type of agreement.
CCI-003863
Document, as part of each exchange agreement, the privacy requirements, controls and responsibilities for each system, and the impact level of the information communicated.
Linked STIG Checks (0)
No STIG checks reference this control.