MP-8: Media Downgrading

From NIST's SP800-53:

a. Establish [Assignment: organization-defined system media downgrading process] that includes employing downgrading mechanisms with strength and integrity commensurate with the security category or classification of the information; b. Verify that the system media downgrading process is commensurate with the security category and/or classification level of the information to be removed and the access authorizations of the potential recipients of the downgraded information; c. Identify [Assignment: organization-defined system media requiring downgrading]; and d. Downgrade the identified system media using the established process.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID	Description
PR.DS-1	Data-at-rest is protected
PR.PT-2	Removable media is protected and its use restricted according to policy