SC-02 Application Partitioning

Control: The information system separates user functionality (including user interface services) from information system management functionality.

Supplemental Guidance: The information system physically or logically separates user interface services (e.g., public web pages) from information storage and management services (e.g., database management). Separation may be accomplished through the use of different computers, different central processing units, different instances of the operating system, different network addresses, combinations of these methods, or other methods as appropriate.

Control Enhancements: (0) None.

Baseline: LOW Not Selected MOD SC-2 HIGH SC-2

Family: System And Communications Protection

Class: Technical

ISO 17799 mapping: 11.4.5

COBIT 4.1 mapping: AI2.4

PCI-DSS v2 mapping: 2.2.1, 1.3.7