Back

Establish, implement, and maintain a privacy report.


CONTROL ID
14754
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a privacy framework that protects restricted data., CC ID: 11850

This Control has the following implementation support Control(s):
  • Disseminate and communicate the privacy report to interested personnel and affected parties., CC ID: 14761


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Develop [Assignment: organization-defined privacy reports] and disseminate to: (PM-27a., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Review and update privacy reports [Assignment: organization-defined frequency]. (PM-27b., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Review and update privacy reports [Assignment: organization-defined frequency]. (PM-27b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Develop [Assignment: organization-defined privacy reports] and disseminate to: (PM-27a., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Review and update privacy reports [Assignment: organization-defined frequency]. (PM-27b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Develop [Assignment: organization-defined privacy reports] and disseminate to: (PM-27a., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Review and update privacy reports [Assignment: organization-defined frequency]. (PM-27b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Develop [Assignment: organization-defined privacy reports] and disseminate to: (PM-27a., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Review and update privacy reports [Assignment: organization-defined frequency]. (PM-27b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • Develop [Assignment: organization-defined privacy reports] and disseminate to: (PM-27a., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)