← Controls / SC

SC-19 Voice Over Internet Protocol

System and Communications Protection

Low Moderate High

Description

The organization: (i) establishes usage restrictions and implementation guidance for Voice over Internet Protocol (VoIP) technologies based on the potential to cause damage to the information system if used maliciously; and (ii) authorizes, monitors, and controls the use of VoIP within the information system.\n

Supplemental Guidance

NIST Special Publication 800-58 provides guidance on security considerations for VoIP technologies employed in information systems.\n

Changes from Rev 4

Technology-specific; addressed as any other technology or protocol

Enhancements

(0) None.\n

Compliance Mappings

ISO 17799 (legacy)

None.

COBIT 4.1 (legacy)

None.