a. Determine and document the [Assignment: organization-defined authority] that permits the [Assignment: organization-defined processing] of personally identifiable information; and b. Restrict the [Assignment: organization-defined processing] of personally identifiable information to only that which is authorized.
ID | Name | Description | D3FEND |
ID | Description |
Requirement | Rationale/Additional Guidance/Notes |
---|
ID | Name | Description |
---|