>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AM-06Media Marking

>Control Description

Where applicable, Organization marks information system media indicating the distribution limitations, handling caveats, and applicable security markings (if any) of the information. Exemptions must be approved by management and remain in a specific controlled area.

Theme

Process

Type

Preventive

Policy/Standard

Asset Management Policy

>Implementation Guidance

1. Ensure that a process is established and documented for media marking and handling, including distribution limitation. 2. Ensure that sensitive information containing media is marked as per the organization's media marking requirements as applicable. 3. Ensure that any exceptions are approved by management, documented and retained by authorized personnel.

>Testing Procedure

1. Inspect information system media marking to indicate the distribution limitations, handling caveats, and applicable security markings (if any) of the information. 2. Inspect exemption cases to validate that it must be approved by management and remain in a specific area.

>Audit Artifacts

E-AM-01
E-AM-05

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

ISO 27002:2022
2

5.1
7.8

FedRAMP Rev 5
1

MP-03

PCI DSS
1

9.4

TX-RAMP
1

MP-3

Ask AI

Configure your API key to use AI features.