CCI-001768

Description	The organization defines the frequency on which it will review and update the list of unauthorized software programs.
Assessment Procedure	CM-7(4).4
Organization Guidance	DoD has defined the frequency as monthly.
Auditor Guidance	The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the frequency as monthly.

Control CM-7 (4) Least Functionality | Unauthorized Software / Blacklisting

STIG Rules

No STIG rules exist.