Doc:NIST SP 800-53r3 Appendix F/SC-32
SC-32 INFORMATION SYSTEM PARTITIONING
- Control: The organization partitions the information system into components residing in separate physical domains (or environments) as deemed necessary.
- Supplemental Guidance: Information system partitioning is a part of a defense-in-depth protection strategy. An organizational assessment of risk guides the partitioning of information system components into separate physical domains (or environments). The security categorization also guides the selection of appropriate candidates for domain partitioning. Managed interfaces restrict or prohibit network access and information flow among partitioned information system components. Related controls: AC-4, SC-7.
- Control Enhancements: None.