Description
The organization screens individuals requiring access to organizational information and information systems before authorizing access.
Supplemental Guidance
Screening is consistent with: (i) 5 CFR 731.106; (ii) Office of Personnel Management policy, regulations, and guidance; (iii) organizational policy, regulations, and guidance; (iv) FIPS 201 and Special Publications 800-73, 800-76, and 800-78; and (v) the criteria established for the risk designation of the assigned position.
Enhancements
(0) None.
Compliance Mappings
ISO 27001:2022
A.6.1
ISO 27002:2022
6.1
COBIT 2019
APO07
NIST CSF 2.0
GV.RR-04
PCI DSS v4.0.1
12.7
CSA CCM v4
HRS-01
CSA AICM v1
HRS-01
ISO 42001:2023
A.4.6
NIS2 Directive
Art. 21(2)(i)
BSI IT-Grundschutz
ORP.2
ANSSI
Hygiene.7, SecNumCloud.8.1
FINMA Circular 2023/1
IV.B.a(48), IV.F(100)
OSFI B-13
B-13.1.1
EU GDPR
Art.28(3)(b), Art.32(4)
EU DORA
Art.5(4)
BIO2
6.1
RBI CSF
Annex1.8
FISC Security Guidelines
FISC.O8
LGPD + BCB 4893
LGPD.Art.47
MLPS 2.0
8.1.8.1
DNB Good Practice
DNB.8.1, DNB.8.4
SWIFT CSCF
SWIFT.5.3A
SAMA CSF
1.7
NCA ECC
1-9
UAE IA
T5
Qatar NIA
HR
CBE CSF
CD-1, GOV-2
SA JS2
JS2-8.6
CBN CSF
Part1.2, Part9
BoG CISD
CISD-XV
POPIA
s19
BoM CTRM
3.8
IOSCO Cyber Resilience
GOV-4
CPMI-IOSCO PFMI
CG.GOV
FFIEC IS
II.C.7, II.C.7(a)
NYDFS 500
500.10
HIPAA Security Rule
§164.308(a)(3)(i), §164.308(a)(3)(ii)(A), §164.308(a)(3)(ii)(B)
ECB CROE
CROE.2.1.2, CROE.2.3.2
SEBI CSCRF
GV.RR
BOT Cyber Resilience
Ch7.2
CMMC 2.0
PS
NERC CIP
CIP-004-7
10 CFR 73.54
RG5.71-C-PS
DOE C2M2 v2.1
WORKFORCE
API 1164
Sec 13
AWIA
AWWA Sec 8
IAEA NSS 17-T
Sec 9
PCI PTS v6
H
CBEST
CBEST.8
Solvency II
Art.42
NAIC Insurance Data Security
4-personnel, 4B
PRA SS1/23
P2.4
FCA SYSC 13
SYSC 13.6.4
HITRUST CSF v11
02.a
FDA 21 CFR Part 11
§11.10(i), §11.100(b)
ISO 27799
7.19.3
CCSS v9.0
1.04.4
Basel SCO60
SCO60.55, SCO60.62
BSSC Standards
GSP-04
SEC Custody (Digital Assets)
SEC-CD-16
ISO 17799 (legacy)
8.1.2
COBIT 4.1 (legacy)
PO7.6