adammontville / cis-controls-71-measures


Subcontrol 18.5 #159

Open adammontville opened 5 years ago

adammontville commented 5 years ago

Use only standardized and extensively reviewed encryption algorithms.

Measures

None provided

Metrics

None provided

apiperCIS commented 5 years ago

Updated Controls 7.1 wording:

Use only standardized, currently accepted, and extensively reviewed encryption algorithms.

apiperCIS commented 5 years ago

Inputs

1) List of encryption algorithms used by the organization
2) Authoritative source that identifies which encryption algorithms are standardized, currently accepted, and extensively reviewed.

Operations

1) For each encryption algorithm in Input 1, check Input 2 to see if that encryption algorithm is standardized, currently accepted, and extensively reviewed. Create a list of the encryption algorithms that meet all of these criteria (M1) and a list of the algorithms that do not (M2).

Measures

M1: List of encryption algorithms used by the organization that are standardized, currently accepted, and extensively reviewed (compliant list)
M2: List of encryption algorithms used by the organization that do not meet these criteria (non-compliant list)
M3: Count of encryption algorithms used by the organization that are standardized, currently accepted, and extensively reviewed (count of M1)
M4: Total count of encryption algorithms used by the organization (count of Input 1)

Metrics

Ratio of encryption algorithms used by the organization that are standardized, currently accepted, and extensively reviewed: M3 / M4
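The Inputs/Operations/Measures/Metrics procedure above, worked through as an added example (not part of the issue thread or the repository). The `AUTHORITATIVE` table, the alias list, and the sample inventory are constructed placeholders for Input 2 and Input 1. The example also assumes that inventory entries are collapsed to one algorithm family each and that an algorithm missing from Input 2 counts as non-compliant.

```python
import re

# Constructed stand-in for Input 2. Each value is
# (standardized, currently_accepted, extensively_reviewed).
# A real assessment loads this from the organization's chosen source.
AUTHORITATIVE = {
    "AES": (True, True, True),
    "3DES": (True, False, True),
    "RC4": (False, False, True),
}

# Constructed prefix aliases: inventories rarely use one spelling.
ALIASES = [
    ("DESEDE3", "3DES"), ("TRIPLEDES", "3DES"), ("TDEA", "3DES"),
    ("3DES", "3DES"), ("ARCFOUR", "RC4"), ("RC4", "RC4"), ("AES", "AES"),
]


def family(entry):
    """Map an inventory entry such as 'aes-256-gcm' to an algorithm family."""
    key = re.sub(r"[^A-Z0-9]", "", entry.upper())
    for prefix, fam in ALIASES:
        if key.startswith(prefix):
            return fam
    return key  # unknown algorithm: keep its normalized name


def measure(inventory, source=AUTHORITATIVE):
    """Compute M1-M4 and the M3/M4 ratio for a list of inventory entries."""
    algos = sorted({family(e) for e in inventory})       # distinct algorithms
    m1 = [a for a in algos if a in source and all(source[a])]
    m2 = [a for a in algos if a not in m1]               # fails or unverifiable
    m3, m4 = len(m1), len(algos)
    ratio = m3 / m4 if m4 else None                      # empty inventory: undefined
    return {"M1": m1, "M2": m2, "M3": m3, "M4": m4, "ratio": ratio}


if __name__ == "__main__":
    # Constructed sample for Input 1.
    sample = ["aes-256-gcm", "AES128", "des-ede3-cbc", "TripleDES",
              "rc4", "xorcrypt-v2"]
    print(measure(sample))
```

The M2 list is the remediation backlog; the ratio alone hides which algorithms failed and whether they failed a criterion or were simply absent from Input 2.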