NET-04.2 ยท Object Security Attributes

Control Description

Mechanisms exist to associate security attributes with information, source and destination objects to enforce defined information flow control configurations as a basis for flow control decisions.

Control Question
Assessment question for control validation

Does the organization associate security attributes with information, source and destination objects to enforce defined information flow control configurations as a basis for flow control decisions?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 3 - Tactical