Restrict Deployments to Trust Perimeter

CCC.Core.C06: Restrict Deployments to Trust Perimeter

Control ID:CCC.Core.C06

Title:Restrict Deployments to Trust Perimeter

Objective:Ensure that the service and its child resources are only deployed on infrastructure in locations that are explicitly included within a defined trust perimeter.

Control Family:

Data

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	PR.DS-1	0	-
CCM	DSP-19	10	Data Location (specify and document processing and backup locations)
ISO_27001	2013 A.11.1.1	0	-
NIST_800_53	AC-6	0	-

Assessment Requirements

ID	Description	Applicability
CCC.Core.C06.TR01	When the service is running, its region and availability zone MUST be included in a list of explicitly trusted or approved locations within the trust perimeter.	tlp-clear tlp-green tlp-amber tlp-red
CCC.Core.C06.TR02	When a child resource is deployed, its region and availability zone MUST be included in a list of explicitly trusted or approved locations within the trust perimeter.	tlp-clear tlp-green tlp-amber tlp-red