Trustmark Definition Name | Version |
---|---|
Defines conformance and assessment criteria for verifying that an organization's agreements for sharing sensitive information specify the systems and services to which the organization will have access, and the policies to which the organization must adhere.
|
1.0 |
Addresses the requirement for all end-entity certificates associated with PKI shall contain algorithms that conform to NIST SP 800-78.
|
1.0 |
Addresses the requirement for all participants in multiparty access to serve in a trusted role.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization provides an alternate audit capability in the event of a failure in primary audit capability that provides organization-defined alternate audit functionality.
|
1.0 |
Defines conformance and assessment criteria for verifying that an information system provides the capability to employ alternative communications protocols in support of maintaining continuity of operations.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization ensures that equipment and supplies required to transfer and resume operations are available at the alternate processing site or contracts are in place to support delivery to the site within the organization-defined time period for transfer/resumption.
|
1.0 |
Defines conformance and assessment criteria for verifying that ane organization establishes an alternate processing site including necessary agreements to permit the transfer and resumption of information system operations for essential missions/business functions within an organization-defined time period consistent with recovery time and recovery point objectives when the primary processing capabilities are unavailable.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization ensures that the alternate processing site provides information security safeguards equivalent to those of the primary site.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization identifies potential accessibility problems to the alternate processing site in the event of an area-wide disruption or disaster and outlines explicit mitigation actions.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization plans and prepares for circumstances that preclude returning to the primary processing site.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization prepares its alternate processing site so that the site is ready to be used as the operational site supporting essential missions and business functions.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization develops alternate processing site agreements that contain priority-of-service provisions in accordance with organizational availability requirements.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization identifies an alternate processing site that is separated from the primary processing site.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization establishes an alternate storage site including necessary agreements to permit the storage and retrieval of information system backup information.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization ensures that the alternate storage site provides information security safeguards equivalent to that of the primary site.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization identifies potential accessibility problems to the alternate storage site in the event of an area-wide disruption or disaster and outlines explicit mitigation actions.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization configures an alternate storage site to facilitate recovery operations in accordance with recovery time and recovery point objectives.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization identifies an alternate storage site that is separated from the primary storage site to reduce susceptibility to the same threats.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization develops primary and alternate telecommunications service agreements that contain priority-of-service provisions.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization requests Telecommunications Service Priority for all telecommunications services used for national security emergency preparedness in the event that the primary and/or alternate telecommunications services are provided by a common carrier.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization establishes alternate telecommunications services including necessary agreements to permit the resumption of information system operations for essential missions and business functions when primary telecommunications capabilities are unavailable.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization assesses as feasible, the effectiveness of security controls at alternate work sites.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization provides a means for employees to communicate with information security personnel in case of security incidents or problems.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization employs [Assignment: organization-defined security controls] at alternate work sites.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization employs alternative or supplemental security mechanisms for satisfying security functions when the primary means of implementing the security function is unavailable or compromised.
|
1.0 |