| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of configuration management policy as related to overall configuration management requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of configuration management procedures as related to overall configuration management requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of contingency planning policy as related to overall contingency planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of contingency planning procedures as related to overall contingency planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of security assessment and authorization policy as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of security assessment and authorization procedures as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of security awareness and training policy as related to overall awareness and training requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of security awareness and training procedures as related to overall awareness and training requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of system component inventory as related to overall configuration management requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of system contingency plan test results as related to overall contingency planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for review of system maintenance records as related to overall maintenance requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system enforces the revocation of access authorizations resulting from changes to the security attributes of subjects and objects based on organization-defined rules governing the timing of revocations of access authorizations.
|
1.0 |
|
Addresses the requirement for organization PKI certificate authorities (CAs) to request revocation of CA PKI certificates within a specified time period for certificates revoked for reasons other than key compromise.
|
1.0 |
|
Addresses the requirement for organization PKI certificate authorities (CAs) to request revocation of CA PKI certificates within a specified time period in the event of key compromise.
|
1.0 |
|
Addresses the requirement organizations to require PKI certificate revocation requests to be authenticated.
|
1.0 |
|
Addresses the requirement for revoked certificates to be included on all new publications of the certificate status information until the certificates expire.
|
1.0 |
|
Addresses the requirement for revoked PKI certificates to be placed on the certificate revocation list.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements its risk management strategy consistently across the organization.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to individuals associated with the operation and use of information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to organizational assets associated with the operation and use of information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to organizational operations associated with the operation and use of information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to other organizations associated with the operation and use of information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews and updates the risk management strategy at an organization-defined frequency to address organizational changes.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to the Nation associated with the operation and use of information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews and updates the risk management strategy as required, to address organizational changes.
|
1.0 |
