What are the controls on data exchange and integrity of the credential?
The agency follows all applicable government-wide standards for controlling and protecting information systems (see NIST SP800-53). Specific controls are described below. System security:The controls include network security and limited access to system and physical facilities.Program controls include protecting data through the >use of FIPS validated cryptographic algorithms in transit, processing and at rest. Networks: The IT infrastructure that supports security programs is described in detail in associated IT Security Plans. All data exchange takes place over encrypted data communication networks that are designed and managed specifically to meet the needs of the Security program.Private networks and or encryption technologies are used during the electronic transfer of information to ensure “eavesdropping” is not allowed and that data is sent only to its intended destination and to an authorized user, by an authorized user. Data Transmission: All data transmissions associated with
Related Questions
- Can the foreign signatories continue to exchange amongst themselves controlled data that they have received under a TAA, after this TAA has expired?
- What controls are in place to verify that the data entered is accurate since we are not making copies of the employees documentation?
- What controls does Morningstar have in place to ensure the integrity of the data?
