SC-42(1): Reporting To Authorized Individuals Or Roles

Control Family:

System And Communications Protection

Parent Control:

SC-42: Sensor Capability And Data

Priority:

P0: Security control not selected in any baseline.

Threats Addressed:

Information Disclosure

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SC-42(1): Reporting to Authorized Individuals or Roles

Control Statement

The organization ensures that the information system is configured so that data or information collected by the [Assignment: organization-defined sensors] is only reported to authorized individuals or roles.

Supplemental Guidance

In situations where sensors are activated by authorized individuals (e.g., end users), it is still possible that the data/information collected by the sensors will be sent to unauthorized entities.