Back

Include coordination amongst entities in the privacy policy.


CONTROL ID
14667
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Define what is included in the privacy policy., CC ID: 00404

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Flow Down Controls)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Flow Down Controls)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (PT-1a.1(a), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • Reflects coordination among organizational entities responsible for the different aspects of privacy; and (PM-18a.5., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)