Trustmark Definitions (51-75 of 3301)

Trustmark Definition Name Version
Defines conformance and assessment criteria for verifying that an organization develops operational privacy policies that govern the appropriate privacy and security controls for programs, information systems, or technologies involving PII.
1.0
Defines conformance and assessment criteria for verifying that sensitive information is disseminated only for law enforcement purposes.
1.0
Defines conformance and assessment criteria for verifying that an organization disables the broadcast SSID feature of its wireless access points.
1.0
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-3: PLAIN LANGUAGE.
1.0
Specifies that a health care related organization must perform a periodic nontechnical evaluation that establishes the extent to which the organization's security policies meet requirements.
1.0
Defines conformance and assessment criteria for verifying that an information system automatically removes or disables temporary accounts.
1.0
Specifies requirements for part of the contents of the privacy notice for individuals. The privacy notice must contain a description of each of the other purposes for which the organization is permitted or required to use or disclose protected health information.
1.0
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for PKI certificate authorities' (CAs) availability.
1.0
Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to: (a) Perform an automated vulnerability analysis using organization-defined tools; (b) Determine the exploitation potential for discovered vulnerabilities; (c) Determine potential risk mitigations for delivered vulnerabilities; and (d) Deliver the outputs of the tools and results of the analysis to organization-defined personnel or roles.
1.0
Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to implement an explicit process to continuously improve the development process.
1.0
Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems document the remedial information security actions to adequately respond to risk to individuals.
1.0
Defines conformance and assessment criteria for verifying that an organization develops a comprehensive strategy to manage risk to the Nation associated with the operation and use of information systems.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for mobile device connection requirements as related to overall access control requirements.
1.0
Defines conformance and assessment criteria for verifying that an organization reviews and reevaluates privileges at an organization-defined frequency.
1.0
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-5: CREDENTIAL ISSUANCE.
1.0
Defines privacy requirements for organizations to document the criteria they require when attempting to merge information from multiple records allegedly about the same individual.
1.0
Defines conformance and assessment criteria for verifying that an organization implements a process for ensuring that organizational plans for conducting security training associated with organizational information systems are maintained.
1.0
Defines privacy requirements for ensuring that remedial measures for the protection of sensitive information are proportionate to the likelihood and severity of the harm threatened by its collection.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for dissemination of contingency planning policy as related to overall contingency planning requirements.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for information system user documentation - user security functions as related to overall system and services acquisition requirements.
1.0
Addresses requirements for automatic time-stamping of PKI Certificate Authority archive records.
1.0
This Trustmark Definition defines conformance and assessment criteria for compliance with requirements for individuals to identify themselves before being permitted to perform any actions set forth for their defined PKI roles or identity.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for review and update of system and communications protection procedures as related to overall system and communications protection requirements.
1.0
Defines conformance and assessment criteria for verifying that an information system identifies a secondary authoritative time source that is located in a different geographic region than the primary authoritative time source.
1.0
Defines conformance and assessment criteria for compliance with minimum security requirements for system security alerts, advisories and directives - monitoring as related to overall system and information integrity requirements.
1.0
This page is also available as JSON and XML.