AC-4(8) - Information Flow Enforcement | Security and Privacy Policy Filters

(a) Enforce information flow control using [Assignment: organization-defined security or privacy policy filters] as a basis for flow control decisions for [Assignment: organization-defined information flows]; and (b) [Selection (one or more): Block; Strip; Modify; Quarantine] data after a filter processing failure in accordance with [Assignment: organization-defined security or privacy policy].


Informational References

ISO 27001

ID: AC-4(8)
Enhancement of : AC-4

Countermeasures Covered by Control

ID Name Description D3FEND

Space Threats Tagged by Control

ID Description

Sample Requirements

Requirement Rationale/Additional Guidance/Notes

Related SPARTA Techniques and Sub-Techniques

ID Name Description