CRY-07—Approved Cryptographic Technology

>Control Description

Where applicable, strong industry standard cryptographic ciphers and keys with an effective strength greater than 112 bits are required for cryptographic security operations.

Theme

Process

Type

Preventive

Policy/Standard

Cryptographic Management Policy

>Implementation Guidance

1. Ensure that the encryption is enabled along with type of encryption algorithm being used as applicable (e.g. for AWS S3 - AWS SSE-KMSetc., full disk encryption for on prem databases). 2. Ensure that strong industry standard cryptographic ciphers and keys with an effective strength greater than 112 bits are required for cryptographic security operations.

>Testing Procedure

1. Validate evidence showing that encryption is enabled along with type of encryption algorithm being used as applicable (e.g. for AWS S3 - AWS SSE-KMSetc., full disk encryption for on prem databases) to ensure that only strong encryption algorithms mandated by Organization Cryptography standard are in use where applicable. 2. Validate whether the keys have a strength greater than 112 bits for cryptographic security operations.

>Audit Artifacts

E-CRY-06

E-CRY-07

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

ISO 27002:20221

PCI DSS2

BSI C53

Ask AI

CIS Controls
1

ISO 27002:2022
1

PCI DSS
2

BSI C5
3