NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
AC-1
AC-2
AC-2(1)
AC-2(2)
AC-2(3)
AC-2(4)
AC-2(5)
AC-2(6)
AC-2(7)
AC-2(8)
AC-2(9)
AC-2(11)
AC-2(12)
AC-2(13)
AC-3
AC-14(1)
AC-3(2)
AC-3(3)
AC-3(4)
AC-3(5)
AC-15
AC-3(7)
AC-3(8)
AC-3(9)
AC-3(10)
AC-3(11)
AC-3(12)
AC-3(13)
AC-3(14)
AC-3(15)
AC-4
AC-4(1)
AC-4(2)
AC-4(3)
AC-4(4)
AC-4(5)
AC-4(6)
AC-4(7)
AC-4(8)
AC-4(9)
AC-4(10)
AC-4(11)
AC-4(12)
AC-4(13)
AC-4(14)
AC-4(15)
AC-17(5)
AC-4(17)
AC-17(7)
AC-4(19)
AC-4(20)
AC-4(21)
AC-4(22)
AC-4(23)
AC-4(24)
AC-4(25)
AC-4(26)
AC-4(27)
AC-4(28)
AC-4(29)
AC-4(30)
AC-4(31)
AC-4(32)
AC-5
AC-6
AC-6(1)
AC-6(2)
AC-6(3)
AC-6(4)
AC-6(5)
AC-6(6)
AC-6(7)
AC-6(8)
AC-6(9)
AC-6(10)
AC-7
AC-17(8)
AC-7(2)
AC-7(3)
AC-7(4)
AC-8
AC-9
AC-9(1)
AC-9(2)
AC-9(3)
AC-9(4)
AC-10
AC-11
AC-11(1)
AC-12
AC-12(1)
AC-12(2)
AC-12(3)
AC-13
AC-14
AC-19(1)
AC-19(2)
AC-16
AC-16(1)
AC-16(2)
AC-16(3)
AC-16(4)
AC-16(5)
AC-16(6)
AC-16(7)
AC-16(8)
AC-16(9)
AC-16(10)
AC-17
AC-17(1)
AC-17(2)
AC-17(3)
AC-17(4)
AC-17(6)
AC-18(2)
AC-19(3)
AC-2(10)
AC-3(1)
AC-17(9)
AC-17(10)
AC-18
AC-18(1)
AC-3(6)
AC-18(3)
AC-18(4)
AC-18(5)
AC-19
AC-4(16)
AC-4(18)
AC-7(1)
AC-19(4)
AC-19(5)
AC-20
AC-20(1)
AC-20(2)
AC-20(3)
AC-20(4)
AC-20(5)
AC-21
AC-21(1)
AC-21(2)
AC-22
AC-23
AC-24
AC-24(1)
AC-24(2)
AC-25

AC-4(25): Information Flow Enforcement | Data Sanitization

Control Text:

When transferring information between different security domains, sanitize data to minimize [Selection (one or more): delivery of malicious content, command and control of malicious code, malicious code augmentation, and steganography encoded data; spillage of sensitive information] in accordance with [Assignment: organization-defined policy]].

Data sanitization is the process of irreversibly removing or destroying data stored on a memory device (e.g., hard drives, flash memory/solid state drives, mobile devices, CDs, and DVDs) or in hard copy form.

Related Controls