This Control has the following implementation support Control(s):
Change the locations of processing facilities at random intervals., CC ID: 10651
Change the locations of storage facilities at random intervals., CC ID: 10661
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Employ [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
Employ [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
Implement the following changes to organizational systems and system components to introduce a degree of unpredictability into operations: [Assignment: organization-defined changes and frequency of changes by system and system component]. (3.13.2e, Enhanced Security Requirements for Protecting Controlled Unclassified Information, NIST SP 800-172)
The organization employs {organizationally documented techniques} to introduce randomness into organizational operations and assets. (SC-30(2), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
The organization employs [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
Employ [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
Employ [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
The organization employs [Assignment: organization-defined techniques] to introduce randomness into organizational operations and assets. (SC-30(2) ¶ 1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)