| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security alerts, advisories and directives - monitoring as related to overall system and information integrity requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan approval as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan content as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan distribution as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan protection as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan review as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for system security plan updates as related to overall security planning requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization plans and coordinates security-related activities affecting the information system with organization-defined individuals or groups before conducting such activities in order to reduce the impact on other organizational entities.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for systems authorized prior to commencing operations as related to overall certification accreditation and security assessments requirements.
|
1.0 |
|
This Trustmark Definition addresses organizational requirements to provide tamper protection safeguards for information systems.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements a tamper protection program for the information system, system component, or information system service.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization inspects organization-defined information systems, system components, or devices at random, at an organization-defined frequency, or upon organization-defined indications of need for inspection to detect tampering.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs anti-tamper technologies and techniques during multiple phases in the system development life cycle including design, development, integration, operations, and maintenance.
|
1.0 |
|
This Trustmark Definition addresses organizational requirements to implement a tamper protection program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs a technical surveillance countermeasures survey at organization-defined locations [Selection (one or more): organization-defined frequency; organization-defined events or indicators occur.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization tests alternate telecommunication services organization-defined frequency.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires primary and alternate telecommunications service providers to have contingency plans.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews provider contingency plans to ensure that the plans meet organizational contingency requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization obtains evidence of contingency testing/training by providers.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization obtains alternate telecommunications services from providers that are separated from primary service providers to reduce susceptibility to the same threats.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization obtains alternate telecommunications services to reduce the likelihood of sharing a single point of failure with primary telecommunications services.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for temperature and humidity controls as related to overall physical and environmental protection requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automatic temperature and humidity controls in the facility to prevent fluctuations potentially harmful to the information system.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs temperature and humidity monitoring that provides an alarm or notification of changes potentially harmful to personnel or equipment.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for temporary passwords permitted as related to overall identification and authentication requirements.
|
1.0 |
