CPL-06
Government Surveillance
Description
Mechanisms exist to constrain the host government from having unrestricted and non-monitored access to the organization's Technology Assets, Applications, Services and/or Data (TAASD) that could potentially violate other applicable statutory, regulatory and/or contractual obligations.
Control Question
Does the organization constrain the host government from having unrestricted and non-monitored access to its Technology Assets, Applications, Services and/or Data (TAASD) that could potentially violate other applicable statutory, regulatory and/or contractual obligations?
Control Metadata
Domain:
Compliance
Validation Cadence:
Annual