>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CA-9Internal System Connections

PBMM (P2)
Secret (P2)
Management

>Control Description

(A) The organization authorizes internal connections of organization-defined information system components or classes of components to the information system. (B) The organization documents, for each internal connection, the interface characteristics, security requirements, and the nature of the information communicated.

>Supplemental Guidance

This control applies to connections between organizational information systems and (separate) constituent system components (i.e., intra-system connections) including, for example, system connections with mobile devices, notebook/desktop computers, printers, copiers, facsimile machines, scanners, sensors, and servers. Instead of authorizing each individual internal connection, organizations can authorize internal connections for a class of components with common characteristics and/or configurations, for example, all digital printers, scanners, and copiers with a specified processing, storage, and transmission capability or all smart phones with a specific baseline configuration. Related controls: AC-3, AC-4, AC-18, AC-19, AU-2, AU-12, CA-7, CM-2, IA-3, SC-7, SI-4

Ask AI

Configure your API key to use AI features.