💼 CA-3 Information Exchange
- Contextual name: 💼 CA-3 Information Exchange
- ID:
/frameworks/nist-sp-800-53-r5/ca/03 - Located in: 💼 CA Assessment, Authorization, And Monitoring
Description​
a. Approve and manage the exchange of information between the system and other systems using [Selection (one or more): interconnection security agreements; information exchange security agreements; memoranda of understanding or agreement; service level agreements; user agreements; nondisclosure agreements; [Assignment: organization-defined type of agreement]]; b. Document, as part of each exchange agreement, the interface characteristics, security and privacy requirements, controls, and responsibilities for each system, and the impact level of the information communicated; and c. Review and update the agreements [Assignment: organization-defined frequency].
Similar​
- Internal
- ID:
dec-c-ebd64899
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 CA-3 Information Exchange (L)(M)(H) | 1 | |||
| 💼 FedRAMP Low Security Controls → 💼 CA-3 Information Exchange (L)(M)(H) | ||||
| 💼 NIST CSF v2.0 → 💼 ID.AM-03: Representations of the organization's authorized network communication and internal and external network data flows are maintained | 48 | |||
| 💼 NIST CSF v2.0 → 💼 PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected | 117 | |||
| 💼 NIST CSF v2.0 → 💼 PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected | 97 | |||
| 💼 NIST CSF v2.0 → 💼 PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected | 111 |