Unlock the full potential of your projects.
Show full map

CMMC v2.0 - Media Protection

Other
Tara Lemieux

Controls mapping and traceability diagram. Created by Tara Lemieux and Michael Redman, Schellman Compliance.

Get Started. It's Free
or sign up with your email address
Similar Mind Maps Mind Map Outline
CMMC v2.0 - Media Protection by Mind Map: CMMC v2.0 - Media Protection

1. MP.L2-3.8.6 Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards.

1.1. "Determine if:

1.2. (a) the confidentiality of CUI stored on digital media is protected during transport using cryptographic mechanisms or alternative physical safeguards"

2. MP.L2-3.8.7 Control the use of removable media on system components.

2.1. Determine if:

2.2. (a) the use of removable media on system components is controlled"

3. MP.L2-3.8.4 Mark media with necessary CUI markings and distribution limitations.

3.1. Determine if:

3.2. (a) media containing CUI is marked with applicable CUI markings"

3.3. (b) media containing CUI is marked with distribution limitations

4. MP.L2-3.8.9 Protect the confidentiality of backup CUI at storage locations.

4.1. Determine if:

4.2. (a) the confidentiality of backup CUI is protected at storage locations"

5. MP.L2-3.8.8 Prohibit the use of portable storage devices when such devices have no identifiable owner.

5.1. Determine if:

5.2. (a) the use of portable storage devices is prohibited when such devices have no identifiable owner"

6. MP.L2-3.8.1 Protect (i.e., physically control and securely store) system media containing CUI, both paper and digital.

6.1. Determine if:

6.2. (a) paper media containing CUI is physically controlled"

6.3. (b) digital media containing CUI is physically controlled

6.4. (c) paper media containing CUI is securely stored

6.5. (d) digital media containing CUI is securely stored

7. MP.L2-3.8.2 Limit access to CUI on system media to authorized users

7.1. Determine if:

7.2. (a) access to CUI on system media is limited to authorized users"

8. MP.L2-3.8.5 Control access to media containing CUI and maintain accountability for media during transport outside of controlled areas.

8.1. Determine if:

8.2. (a) access to media containing CUI is controlled"

8.3. (b) accountability for media containing CUI is maintained during transport outside of controlled areas

9. MP.L2-3.8.3 Sanitize or destroy information system media containing CUI before disposal or release for reuse.

9.1. Determine if:

9.2. (a) system media containing CUI is sanitized or destroyed before disposal"

9.3. (b) system media containing CUI is sanitized before it is released for reuse