DISA Control Correlation Identifier (CCI)

CCI-000042 requires that “The organization documents the rationale for authorized network access to organization-defined privileged commands in the security plan...

CCI-000054 requires that “The information system limits the number of concurrent sessions for each organization-defined account and/or account type to...

CCI-000001 requires that “The organization develops an access control policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among...

CCI-000002 requires that “The organization disseminates the access control policy to organization-defined personnel or roles.” The policy will address purpose,...

CCI-000003 requires that “The organization reviews and updates the access control policy in accordance with organization-defined frequency.” The policy will...

CCI-000468 requires that “The organization communicates contingency plan changes to an organization-defined list of key contingency personnel (identified by name...

CCI-000004 requires that “The organization develops procedures to facilitate the implementation of the access control policy and associated access controls.”...

CCI-000005 requires that “The organization disseminates the procedures to facilitate access control policy and associated access controls to the organization-defined...

CCI-000006 requires that “The organization reviews and updates the access control procedures in accordance with organization-defined frequency.” This Control Correlation...

CCI-000007 requires that “The organization manages information system accounts by identifying account types (i.e., individual, group, system, application, guest/anonymous, and...