SC-02-727 Application Partitioning

Application Partitioning

SC-02-727
Application Partitioning
System and Communications Protection
Protect
System Communications Protection
MOD, HIGH
P1
No
The integrity of a business process is compromised due to the lack of segregation of duties (e.g., maker & checker).
The information system separates user functionality (including user interface services) from information system management functionality.
The information system physically or logically separates user interface services (e.g., public web pages) from information storage and management services (e.g., database management). Separation may be accomplished through the use of different computers, different central processing units, different instances of the operating system, different network addresses, combinations of these methods, or other methods as appropriate.
No statewide control
Obtain system and communications protection policy; procedures addressing application partitioning; information system design documentation; information system configuration settings and associated documentation; other relevant documents or records and ascertain if : (I)the information system separates user functionality (including user interface services) from information system management functionality.