>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

MP-3Media Marking

Moderate
High

>Control Description

a

Mark system media indicating the distribution limitations, handling caveats, and applicable security markings (if any) of the information; and

b

Exempt organization-defined types of system media from marking if the media remain within organization-defined controlled areas.

>FedRAMP Baseline Requirements

Additional Requirements and Guidance

MP-3 (b) Guidance: Second parameter not-applicable

>Discussion

Security marking refers to the application or use of human-readable security attributes. Digital media includes diskettes, magnetic tapes, external or removable hard disk drives (e.g., solid state, magnetic), flash drives, compact discs, and digital versatile discs. Non-digital media includes paper and microfilm.

Controlled unclassified information is defined by the National Archives and Records Administration along with the appropriate safeguarding and dissemination requirements for such information and is codified in 32 CFR 2002. Security markings are generally not required for media that contains information determined by organizations to be in the public domain or to be publicly releasable. Some organizations may require markings for public information indicating that the information is publicly releasable.

System media marking reflects applicable laws, executive orders, directives, policies, regulations, standards, and guidelines.

>Cross-Framework Mappings

SCF

DCH-04
Compare

>Programmatic Queries

Beta

Related Services

AWS Resource Groups & Tag Editor
AWS Config
AWS Organizations Tag Policies

CLI Commands

List resources with classification tags
aws resourcegroupstaggingapi get-resources --tag-filters Key=Classification
Check tag compliance via AWS Config
aws configservice get-compliance-details-by-config-rule --config-rule-name required-tags
Tag a resource with sensitivity level
aws resourcegroupstaggingapi tag-resources --resource-arn-list RESOURCE_ARN --tags Classification=Confidential,Sensitivity=High
List tag policies in organization
aws organizations list-policies --filter TAG_POLICY
Open AWS ConsoleDocumentation

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What formal policies and procedures govern the implementation of MP-3 (Media Marking)?
  • Who are the designated roles responsible for implementing, maintaining, and monitoring MP-3?
  • How frequently is the MP-3 policy reviewed and updated, and what triggers policy changes?
  • What governance structure ensures MP-3 requirements are consistently applied across all systems?

Technical Implementation:

  • Describe the specific technical mechanisms or controls used to enforce MP-3 requirements.
  • What automated tools, systems, or technologies are deployed to implement MP-3?
  • How is MP-3 integrated into your system architecture and overall security posture?
  • What configuration settings, parameters, or technical specifications enforce MP-3 requirements?

Evidence & Documentation:

  • What documentation demonstrates the complete implementation of MP-3?
  • What audit logs, records, reports, or monitoring data validate MP-3 compliance?
  • Can you provide evidence of periodic reviews, assessments, or testing of MP-3 effectiveness?
  • What artifacts would you present during a FedRAMP assessment to demonstrate MP-3 compliance?

Ask AI

Configure your API key to use AI features.