zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-04 17:01:56 +02:00
Code Issues Projects Releases Packages Wiki Activity
manage.get.gov/docs/compliance/dist/system-security-plans/ato/sc-28.1.md
Logan McDonald 1d3dfdb8d5
Add compliance documentation to source control (#116) 
* add initial setup of compliance-trestle
2022-09-14 08:46:43 -04:00

1.4 KiB
Raw Blame History

implementation-status control-origination
c-not-implemented
c-inherited-cloud-gov
c-inherited-cisa
c-common-control
c-system-specific-control

sc-28.1 - [catalog] Cryptographic Protection

Control Statement

Implement cryptographic mechanisms to prevent unauthorized disclosure and modification of the following information at rest on system components or media: information.

Control guidance

The selection of cryptographic mechanisms is based on the need to protect the confidentiality and integrity of organizational information. The strength of mechanism is commensurate with the security category or classification of the information. Organizations have the flexibility to encrypt information on system components or media or encrypt data structures, including files, records, or fields.

Control assessment-objective

cryptographic mechanisms are implemented to prevent unauthorized disclosure of information at rest on system components or media; cryptographic mechanisms are implemented to prevent unauthorized modification of information at rest on system components or media.

What is the solution and how is it implemented?

Add control implementation description here for control sc-28.1