Link Search Menu Expand Document
OpenRMF Professional Help

Run the CCI to Controls Report

This report shows the relationship of Control Correlation Identifier (CCI) items in Checklists to NIST Control Families. Each Checklist has 1 or more vulnerabilities to track. These vulnerabilities many times have 1 or more CCI items linked to particular NIST Control family subcontrols. Those subcontrols roll up under a major NIST Control family to map to compliance and system package security plans.

OpenRMF Professional CCI to Controls Report

Where the Data Comes From

This data comes from the NIST 800-53 rev 4 or rev 5 list of all controls and their baselines for low, moderate, and high. It also comes from each Checklist within your System Package as well as a file from DISA public.cyber.mil on relationships of CCI to NIST Controls and subcontrols.

Why Run this Report

This report shows you all CCI items particular to your major NIST Control family. This is useful for matching compliance, system package security plan control matrix information and other specific vulnerability reports that rely on CCI correlation.

Copyright © 2021 - 2025 Soteria Software LLC.
Do The Work. Automate the Paperwork!SM