| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for verifying that an organization requires terminated individuals to sign an acknowledgment of post-employment requirements as part of the organizational termination process.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for personnel transfers - modification of access authorizations as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for personnel transfers - notification as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for personnel transfers - review of access authorizations as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for personnel transfers - timely actions as related to overall personnel security requirements.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for personnel screening criteria as related to overall personnel security requirements.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for personnel screening criteria as related to overall personnel security requirements.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for personnel screening criteria as related to overall personnel security requirements.
|
1.0 |
|
Addresses the requirement for the persons filling Trusted Roles to be trustworthy.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization authorizes physical access to the facility where the information system resides based on position or role.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization restricts unescorted access to the facility where the information system resides to personnel with (one or more): security clearances for all information contained within the system; formal access authorizations for all information contained within the system; need for access to all information contained within the system; organization-defined credentials.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires two forms of identification from organization-defined list of acceptable forms of identification for visitor access to the facility where the information system resides.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs guards and/or alarms to monitor every physical access point to the facility where the information system resides 24 hours per day, 7 days per week.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization performs security checks at an organization-defined frequency at the physical boundary of the facility or information system for unauthorized exfiltration of information or removal of information system components.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs a penetration testing process that includes unannounced attempts to bypass or circumvent security controls associated with physical access points to the facility at an organization-defined frequency.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization enforces physical access authorizations to the information system in addition to the physical access controls for the facility.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization uses lockable physical casings to protect organization-defined information system components from unauthorized physical access.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs organization-defined security safeguards to detect and/or prevent physical tampering or alteration of organization-defined hardware components within the information system.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for physical access devices are secured as related to overall physical and environmental protection requirements.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for providing physical access security mechanisms commensurate with the level of threat.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization destroys physical media only by shredding or incineration.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization uses formal procedures to securely dispose of media when it is no longer required.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for physical security incident detection and response as related to overall physical and environmental protection requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for physical separation of publicly accessible information system components as related to overall system and communications protection requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization has established minimum PIN complexity requirements.
|
1.0 |
