AC-4(15): Detection Of Unsanctioned Information

Control Family:

Access Control

Parent Control:

AC-4: Information Flow Enforcement

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

ID.AM-3
PR.AC-5
PR.DS-5
PR.PT-4
DE.AE-1

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-4(15): Detection of Unsanctioned Information

Control Statement

The information system, when transferring information between different security domains, examines the information for the presence of [Assignment: organized-defined unsanctioned information] and prohibits the transfer of such information in accordance with the [Assignment: organization-defined security policy].

Supplemental Guidance

Detection of unsanctioned information includes, for example, checking all information to be transferred for malicious code and dirty words.