>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CM-12Information Location

>Control Description

Information that resides in different physical locations may be subject to different cybersecurity risks throughout the supply chain, depending on the specific location of the information. Components that originate or operate from different physical locations may also be subject to different supply chain risks, depending on the specific location of origination or operations. Enterprises should manage these risks through limiting access control and specifying allowable or disallowable geographic locations for backup/recovery, patching/upgrades, and information transfer/sharing. NIST SP 800-53, Rev. 5 control enhancement CM-12 (1) is a mechanism that can be used to enable automated location of components.

>Cross-Framework Mappings

SCF

DCH-24
Compare

Ask AI

Configure your API key to use AI features.