compliance controls are associated with this Policy definition 'Isolate SecurID systems, Security Incident Management systems' (dd6d00a8-701a-5935-a22b-c7b9c0c698b2)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| FedRAMP_High_R4 |
SC-7(13) |
FedRAMP_High_R4_SC-7(13) |
FedRAMP High SC-7 (13) |
System And Communications Protection |
Isolation Of Security Tools / Mechanisms / Support Components |
Shared |
n/a |
The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system.
Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. |
link |
1 |
| FedRAMP_Moderate_R4 |
SC-7(13) |
FedRAMP_Moderate_R4_SC-7(13) |
FedRAMP Moderate SC-7 (13) |
System And Communications Protection |
Isolation Of Security Tools / Mechanisms / Support Components |
Shared |
n/a |
The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system.
Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. |
link |
1 |
| hipaa |
0806.01m2Organizational.12356-01.m |
hipaa-0806.01m2Organizational.12356-01.m |
0806.01m2Organizational.12356-01.m |
08 Network Protection |
0806.01m2Organizational.12356-01.m 01.04 Network Access Control |
Shared |
n/a |
The organization’s network is logically and physically segmented with a defined security perimeter and a graduated set of controls, including subnetworks for publicly accessible system components that are logically separated from the internal network, based on organizational requirements; traffic is controlled based on functionality required and classification of the data/systems based on a risk assessment and their respective security requirements. |
|
13 |
| hipaa |
0817.01w2System.123-01.w |
hipaa-0817.01w2System.123-01.w |
0817.01w2System.123-01.w |
08 Network Protection |
0817.01w2System.123-01.w 01.06 Application and Information Access Control |
Shared |
n/a |
Unless the risk is identified and accepted by the data owner, sensitive systems are isolated (physically or logically) from non-sensitive applications/systems. |
|
13 |
| NIST_SP_800-53_R4 |
SC-7(13) |
NIST_SP_800-53_R4_SC-7(13) |
NIST SP 800-53 Rev. 4 SC-7 (13) |
System And Communications Protection |
Isolation Of Security Tools / Mechanisms / Support Components |
Shared |
n/a |
The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system.
Supplemental Guidance: Physically separate subnetworks with managed interfaces are useful, for example, in isolating computer network defenses from critical operational processing networks to prevent adversaries from discovering the analysis and forensics techniques of organizations. Related controls: SA-8, SC-2, SC-3. |
link |
1 |
| NIST_SP_800-53_R5 |
SC-7(13) |
NIST_SP_800-53_R5_SC-7(13) |
NIST SP 800-53 Rev. 5 SC-7 (13) |
System and Communications Protection |
Isolation of Security Tools, Mechanisms, and Support Components |
Shared |
n/a |
Isolate [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal system components by implementing physically separate subnetworks with managed interfaces to other components of the system. |
link |
1 |
| SWIFT_CSCF_v2022 |
2.1 |
SWIFT_CSCF_v2022_2.1 |
SWIFT CSCF v2022 2.1 |
2. Reduce Attack Surface and Vulnerabilities |
Ensure the confidentiality, integrity, and authenticity of application data flows between local SWIFT-related components. |
Shared |
n/a |
Confidentiality, integrity, and authentication mechanisms are implemented to protect SWIFT-related component-to-component or system-to-system data flows. |
link |
36 |