SC-15(3)

Requirement

Disable or remove collaborative computing devices and applications from [Assignment: organization-defined systems or system components] in [Assignment: organization-defined secure work areas].

Discussion

Failing to disable or remove collaborative computing devices and applications from systems or system components can result in compromises of information, including eavesdropping on conversations. A Sensitive Compartmented Information Facility (SCIF) is an example of a secure work area.

Title

Collaborative Computing Devices and Applications | Disabling and Removal in Secure Work Areas
Family

System and Communications Protection
NIST 800-53B Baseline(s)

NIST 800-53A Assessment Guidance

Examine

[SELECT FROM: System and communications protection policy; procedures addressing collaborative computing; access control policy and procedures; system design documentation; system configuration settings and associated documentation; system audit records; list of secure work areas; systems or system components in secured work areas where collaborative computing devices are to be disabled or removed; system security plan; other relevant documents or records].

Interview

[SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel with responsibilities for managing collaborative computing devices].

Test

[SELECT FROM: Mechanisms supporting and/or implementing the capability to disable collaborative computing devices].

ID	Assessment Objectives
SC-15(03)	collaborative computing devices and applications are disabled or removed from <SC-15(03)_ODP[01] systems or system components> in <SC-15(03)_ODP[02] secure work areas>.

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!