97
InformatIon SecurIty PolIcy DeveloPment for comPlIance
SC-12 CRYPTOGRAPHIC KEY ESTABLISHMENT AND
MANAGEMENT
Control: e organization establishes and manages cryptographic keys
for required cryptography employed within the information system.
SC-13 USE OF CRYPTOGRAPHY
Control: e information system implements required cryptographic
protections using cryptographic modules that comply with applicable
federal laws, Executive Orders, directives, policies, regulations, stan-
dards, and guidance.
SC-14 PUBLIC ACCESS PROTECTIONS
Control: e information system protects the integrity and availability
of publicly available information and applications.
SC-15 COLLABORATIVE COMPUTING DEVICES
Control: e information system:
a. Prohibits remote activatio