Organizational Control: Media Marking
| Control ID: MP-3 Media Marking | Family: Media Protection | Source: NIST 800-53r4 |
Control: The organization:
|
||
| Supplemental Guidance: The term security marking refers to the application/use of human-readable security attributes. The term security labeling refers to the application/use of security attributes with regard to internal data structures within information systems (see AC-16). Information system media includes both digital and non-digital media. Digital media includes, for example, diskettes, magnetic tapes, external/removable hard disk drives, flash drives, compact disks, and digital video disks. Non-digital media includes, for example, paper and microfilm. Security marking is generally not required for media containing information determined by organizations to be in the public domain or to be publicly releasable. However, some organizations may require markings for public information indicating that the information is publicly releasable. Marking of information system media reflects applicable state and federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. Related Controls: PL-2, RA-3, AC-16 |
||
| Control Enhancements: N/A | ||
| References: FIPS Publication 199. | ||
| Mechanisms: | ||
| Protocol Implementation Conformance Statements: N/A | ||