>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SC-32Information System Partitioning

Technical

>Control Description

(A) The organization partitions the information system into organization-defined information system components residing in separate physical domains or environments based on organization-defined circumstances for physical separation of components.

>Supplemental Guidance

Information system partitioning is a part of a defence-in-depth protection strategy. Organizations determine the degree of physical separation of system components from physically distinct components in separate racks in the same room, to components in separate rooms for the more critical components, to more significant geographical separation of the most critical components. Security categorization can guide the selection of appropriate candidates for domain partitioning.

Managed interfaces restrict or prohibit network access and information flow among partitioned information system components. Related controls: AC-4, SA-8, SC-2, SC-3, SC-7

Ask AI

Configure your API key to use AI features.