STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 5 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← All Controls

SC-1

System and Communications ProtectionRev 4

Policy and Procedures

CCI Identifiers (25)

CCI-001074The organization develops a system and communications protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.CCI-001075Disseminates to organization-defined personnel or roles the organization-level; mission/business process-level; and/or system-level system and communications protection policy.CCI-001076Review and update the current system and communications protection policy in accordance with organization-defined frequency.CCI-001077Defines the frequency for reviewing and updating the current system and communications protection policy.CCI-001078The organization develops system and communications protection procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.CCI-001079Disseminates to organization-defined personnel or roles the procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.CCI-001080Review and update the current system and communications protection procedures in accordance with organization-defined frequency.CCI-001081Defines the frequency for reviewing and updating the current system and communications protection procedures.CCI-002377The organization documents the system and communications protection policy.CCI-002378Defines the personnel or roles to be recipients of the organization-level; mission/business process-level; and/or system-level system and communications protection policy.CCI-002379The organization documents procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.CCI-002380Defines the personnel or roles to be recipients of the procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.CCI-004852Develop and document an organization-level; mission/business process-level; and/or system-level system and communications protection policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.CCI-004853Develop and document an organization-level; mission/business process-level; and/or system-level a system and communications protection policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.CCI-004854Develop and document system and communications protection procedures to facilitate the implementation of the system and communications protection policy and associated system and communications protection controls.CCI-004855Designate an organization-defined official to manage the development and documentation of the system and communications protection policy.CCI-004856Designate an organization-defined official to manage the development and documentation of the system and communications protection procedures.CCI-004857Designate an organization-defined official to manage the dissemination of the system and communications protection policy.CCI-004858Designate an organization-defined official to manage the dissemination of the system and communications protection procedures.CCI-004859Defines the official to manage the development, documentation, and dissemination of the system and communications protection policy.CCI-004860Defines the official to manage the development, documentation, and dissemination of the system and communications protection procedures.CCI-004861Review and update the current system and communications protection policy following organization-defined events.CCI-004862Defines the events following reviewing and updating the current system and communications protection policy.CCI-004863Review and update the current system and communications protection procedures following organization-defined events.CCI-004864Defines the events following reviewing and updating the current system and communications protection procedures.

Linked STIG Checks (0)

No STIG checks reference this control.