← Back to catalog
AU-10(4)

Validate Binding of Information Reviewer Identity

Audit and Accountability (AU)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Validate the binding of the information reviewer identity to the information at the transfer or release points prior to release or transfer between [assignment] ; and Perform [assignment] in the event of a validation error.

Discussion

Validating the binding of the information reviewer identity to the information at transfer or release points prevents the unauthorized modification of information between review and the transfer or release. The validation of bindings can be achieved by using cryptographic checksums. Organizations determine if validations are in response to user requests or generated automatically.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.