AC-4(24): Internal Normalized Format

Control Family:

Access Control

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

When transferring information between different security domains, parse incoming data into an internal normalized format and regenerate the data to be consistent with its intended specification.

Supplemental Guidance

Converting data into normalized forms is one of most of effective mechanisms to stop malicious attacks and large classes of data exfiltration.