AST-04
Network Diagrams & Data Flow Diagrams (DFDs)
Description
Mechanisms exist to maintain network architecture diagrams that: (1) Contain sufficient detail to assess the security of the network's architecture; (2) Reflect the current architecture of the network environment; and (3) Document all sensitive/regulated data flows.
Control Question
Does the organization maintain network architecture diagrams that: (1) Contain sufficient detail to assess the security of the network's architecture; (2) Reflect the current architecture of the network environment; and (3) Document all sensitive/regulated data flows?
Control Metadata
Domain:
Asset Management
Validation Cadence:
Annual
Evidence Request List:
E-DCH-03 E-DCH-04 E-DCH-05