zydronium/manage.get.gov

mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-03 00:12:16 +02:00

Add compliance documentation to source control (#116 )

* add initial setup of compliance-trestle

2022-09-14 08:46:43 -04:00

1.6 KiB

Raw Blame History

implementation-status

control-origination

c-not-implemented

c-inherited-cloud-gov

c-inherited-cisa

c-common-control

c-system-specific-control

sr-12 - [catalog] Component Disposal

Control Statement

Dispose of data, documentation, tools, or system components using the following techniques and methods: techniques and methods.

Control guidance

Data, documentation, tools, or system components can be disposed of at any time during the system development life cycle (not only in the disposal or retirement phase of the life cycle). For example, disposal can occur during research and development, design, prototyping, or operations/maintenance and include methods such as disk cleaning, removal of cryptographic keys, partial reuse of components. Opportunities for compromise during disposal affect physical and logical data, including system documentation in paper-based or digital files; shipping and delivery documentation; memory sticks with software code; or complete routers or servers that include permanent media, which contain sensitive or proprietary information. Additionally, proper disposal of system components helps to prevent such components from entering the gray market.

Control assessment-objective

data, documentation, tools, or system components are disposed of using techniques and methods.

What is the solution and how is it implemented?

Add control implementation description here for control sr-12

1.6 KiB Raw Blame History