Trustmark Definitions (26-50 of 3247)

Trustmark Definition Name Version
Defines conformance and assessment criteria for verifying that an information system transmits organization-defined access authorization information using organization-defined security safeguards to organization-defined information systems that enforce access control decisions.
 1.0
Defines conformance and assessment criteria for verifying that an organization employs encryption to protect information on mobile devices.
 1.0
Defines conformance and assessment criteria for verifying that an organization enforces the following restriction on individuals permitted by the authorizing official to use U.S. Unclassified mobile devices in facilities containing information systems processing, storing, or transmitting U.S. classified information: connection of U.S. Unclassified mobile devices to U.S. classified information systems is prohibited.
 1.0
Defines conformance and assessment criteria for verifying that an organization enforces the following restriction on individuals permitted by the authorizing official to use U.S. Unclassified mobile devices in facilities containing information systems processing, storing, or transmitting U.S. classified information: connection of U.S. Unclassified mobile devices to U.S. Unclassified information systems requires approval from the authorizing official.
 1.0
Defines conformance and assessment criteria for verifying that an organization enforces the following restriction on individuals permitted by the authorizing official to use U.S. Unclassified mobile devices in facilities containing information systems processing, storing, or transmitting U.S. classified information: use of internal or external modems or wireless interfaces within the U.S. Unclassified mobile devices is prohibited.
 1.0
Defines conformance and assessment criteria for verifying that an organization prohibits the use of U.S. Unclassified mobile devices in facilities containing information systems processing, storing, or transmitting U.S. classified information unless specifically permitted by the authorizing official.
 1.0
Defines conformance and assessment criteria for verifying that an organization enforces the following restriction on individuals permitted by the authorizing official to use U.S. Unclassified mobile devices in facilities containing information systems processing, storing, or transmitting U.S. classified information: U.S. Unclassified mobile devices and the information stored on those devices are subject to random reviews and inspections by organization-defined security officials, and if U.S. classified information is found, the incident handling policy is followed.
 1.0
Defines conformance and assessment criteria for verifying that an organization restricts the connection of U.S. classified mobile devices to U.S. classified information systems in accordance with organization-defined security policies.
 1.0
Defines conformance and assessment criteria for verifying that an organization controls physical access to information system output devices to prevent unauthorized individuals from obtaining the output.
 1.0
Defines conformance and assessment criteria for verifying that an information system links individual identity to receipt of the output from controlled devices.
 1.0
Defines conformance and assessment criteria for verifying that an organization controls physical access to output from organization-defined output devices.
 1.0
Defines conformance and assessment criteria for verifying that an information system controls physical access to output from organization-defined output devices.
 1.0
Defines conformance and assessment criteria for verifying that an organization marks organization-defined information system output devices indicating the appropriate security marking of the information permitted to be output from the device.
 1.0
Defines conformance and assessment criteria for verifying that an organization ensures that only authorized individuals receive output from controlled devices.
 1.0
Defines conformance and assessment criteria for verifying that an organization controls physical access to organization-defined information system distribution and transmission lines within organizational facilities using organization-defined security safeguards.
 1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for access enforcement as related to overall access control requirements.
 1.0
Defines conformance and assessment criteria for verifying that an organization has implemented access control using Access Control Lists (ACLs).
 1.0
Defines conformance and assessment criteria for verifying that an organization has implemented access control using encryption.
 1.0
Defines conformance and assessment criteria for verifying that an organization has implemented access control using resource restrictions.
 1.0
Defines conformance and assessment criteria for verifying that an organization has implemented access control using application level mechanisms.
 1.0
Defines conformance and assessment criteria for verifying that an organization defines, documents, approves, and enforces physical and logical access restrictions associated with changes to the information system.
 1.0
Defines conformance and assessment criteria for verifying that an information system enforces access restrictions and supports auditing of the enforcement actions.
 1.0
Defines conformance and assessment criteria for verifying that an organization enforces dual authorization for implementing changes to organization-defined information system components and system-level information.
 1.0
Defines conformance and assessment criteria for verifying that an organization limits privileges to change software resident within software libraries.
 1.0
Defines conformance and assessment criteria for verifying that an organization limits privileges to change information system components and system-related information within a production or operational environment.
 1.0
This page is also available as JSON and XML.