Demo · sample data, not for production use · request the real tool →

CC6.7

Restricts the transmission, movement, and removal of information

SecurityPartialSecurity (Common Criteria)

Control description

AICPA Trust Services Criteria

The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal.

Auditor test plan

How this is tested during the audit

Auditor reviews TLS configuration for in-scope endpoints, DLP policies, and MDM controls preventing removable media.

Evidence

No evidence on file yet

Open vault →
No evidence attached

Upload at least one artifact before the audit window opens.

Last reviewed
54d
Within 180-day window
Evidence on file
2

Owner

DS
Director, Security
Accountable for design + operating effectiveness

Status timeline

Recent control history

  1. Last reviewed by Director, Security

    54d ago

  2. Remediation plan opened

    68d ago

  3. Auditor flagged design gap

    114d ago