Examples of Security Control in a sentence
For service that involves the storage, generating, transmitting, or exchanging of VA sensitive information but does not require C&A or an MOU-ISA for system interconnection, the contractor/subcontractor must complete a Contractor Security Control Assessment (CSCA) on a yearly basis and provide it to the COR.
Identified gaps between required FedRAMP Security Control Baselines and Continuous Monitoring controls and the Contractor's implementation as documented in the Security Assessment Report must be tracked by the Contractor for mitigation in a Plan of Action and Milestones (POA&M) document.
For service that involves the storage, generating, transmitting, or exchanging of VA sensitive information but does not require C&A or an MOU-ISA for system interconnection, the contractor/subcontractor must complete a Contractor Security Control Assessment (CSCA) on a yearly basis and provide it to the COTR.
Documentation may include, but is not limited to: Standard Form 328 (Certificate Pertaining to Foreign Interest); Listing of Key Management Personnel; an Organizational Chart; Security Control Agreements: Special Security Agreements; and Proxy Agreements or Voting Trust Agreements.
For systems categorized as High and Moderate security impact level, the independent Security Control Assessor must issue this report.