PCF Compliance

Not applicable.

Control Description

The organization:

  1. Establishes usage restrictions and implementation guidance for [Assignment: organization-defined information system components] based on the potential to cause damage to the information system if used maliciously; and
  2. Authorizes, monitors, and controls the use of such components within the information system.

Supplemental Guidance

Information system components include hardware, software, or firmware components (e.g., Voice Over Internet Protocol, mobile code, digital copiers, printers, scanners, optical devices, wireless technologies, mobile devices).

check-circle-line exclamation-circle-line close-line
Scroll to top icon