AC-4(3): Dynamic Information Flow Control

Control Family:

Parent Control:

AC-4: Information Flow Enforcement

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

Threats Addressed:

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-4(3): Dynamic Information Flow Control

Control Statement

The information system enforces dynamic information flow control based on [Assignment: organization-defined policies].

Supplemental Guidance

Organizational policies regarding dynamic information flow control include, for example, allowing or disallowing information flows based on changing conditions or mission/operational considerations. Changing conditions include, for example, changes in organizational risk tolerance due to changes in the immediacy of mission/business needs, changes in the threat environment, and detection of potentially harmful or adverse events.