| Trustmark Definition Name | Version |
|---|---|
|
Defines privacy requirements related to the documentation of sensitive information handling in the event of the organization's bankruptcy, sale, or discontinuation of services.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization has documented the specific terms and conditions for personally owned information systems to access, process, store or transmit sensitive information.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for testing of flaw remediation updates as related to overall system and information integrity requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews security monitoring plans for consistency with organization-wide priorities for risk response actions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with organization-wide priorities for risk response actions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews security testing plans for consistency with the organizational risk management strategy.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with organization-wide priorities for risk response actions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reviews secuirty training plans for consistency with the organizational risk management strategy.
|
1.0 |
|
Addresses the requirement for an organization's CPS to describe procedures to ensure that certificate accountability is maintained for device PKI certificates.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for a Registration Authority (RA) to reduce the risk of equipment tampering.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs organization-defined information system components with minimal functionality and information storage.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for third-party providers - compliance monitoring as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for third-party providers - compliance with personnel security requirements as related to overall personnel security requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for third-party providers - notification of terminations and transfers as related to overall personnel security requirements.
|
1.0 |
|
Addresses the requirement for an independent third party to validate the execution of PKI CA key generation procedures.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements a threat awareness program.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's threat awareness program includes a cross-organization information-sharing capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system identifies a secondary authoritative time source that is located in a different geographic region than the primary authoritative time source.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an information system compares and synchronizes internal system clocks with an organization-defined authoritative time source. .
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for timely implementation of security-relevant updates as related to overall system and information integrity requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization obtains maintenance support and/or spare parts for organization-defined information system components within a defined time period of failure.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to transfer predictive maintenance data to a computerized maintenance management system.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization performs predictive maintenance on organization-defined information system components at organization-defined time intervals.
|
1.0 |
