SC-04 Information Remnance

Control: The information system prevents unauthorized and unintended information transfer via shared system resources.

Supplemental Guidance: Control of information system remnance, sometimes referred to as object reuse, or data remnance, prevents information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after that resource has been released back to the information system.

Control Enhancements: (0) None.

Baseline: LOW Not Selected MOD SC-4 HIGH SC-4

Family: System And Communications Protection

Class: Technical

ISO 17799 mapping: 10.8.1

COBIT 4.1 mapping: None.

PCI-DSS v2 mapping: None.