| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an organization develops an information security architecture for the information system that describes any information security assumptions about, and dependencies on, external services.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an information security architecture for the information system that describes how the information security architecture is integrated into and supports the enterprise architecture.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization designs its security architecture using a defense-in-depth approach that allocates organization-defined security safeguards to organization-defined locations and architectural layers; and ensures that the allocated security safeguards operate in a coordinated and mutually reinforcing manner. .
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires that organization-defined security safeguards allocated to organization-defined locations and architectural layers are obtained from different suppliers.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops information security measures of performance.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization monitors information security measures of performance.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reports on the results of information security measures of performance.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to individuals.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational assets.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to organizational operations.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to other organizations.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that is approved by a senior official with responsibility and accountability for the risk being incurred to the Nation.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the common controls in place for meeting the requirements of the information security program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of compliance. .
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of coordination among organizational entities. .
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of management commitment.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of responsibilities.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that includes the identification and assignment of roles.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the security program management controls in place for meeting the requirements of the information security program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the common controls planned for meeting the requirements of the information security program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides a description of the security program management controls planned for meeting the requirements of the information security program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops an organization-wide information security program plan that provides an overview of the requirements for the security program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization disseminates an organization-wide information security program plan.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization protects the information security program plan from unauthorized disclosure.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization protects the information security program plan from unauthorized modification.
|
1.0 |
