
CA-3(5) Information System Connections

Management

Control Description

SYSTEM INTERCONNECTIONS | RESTRICTIONS ON EXTERNAL SYSTEM CONNECTIONS

The organization employs either an allow-all, deny-by-exception policy or a deny-all, permit-by-exception policy for allowing organization-defined information systems to connect to external information systems.

Supplemental Guidance

Organizations can constrain information system connectivity to external domains (e.g., websites) by employing one of two policies with regard to such connectivity: (i) allow-all, deny by exception, also known as blacklisting (the weaker of the two policies); or (ii) deny-all, allow by exception, also known as whitelisting (the stronger of the two policies). For either policy, organizations determine what exceptions, if any, are acceptable. Related control: CM-7.

Tailoring Guidance

Tailor and select as required.
