STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← All Controls

AC-4 (19)

Access ControlRev 5system

Information Flow Enforcement

Control Statement

When transferring information between different security domains, implement [Assignment: organization-defined security or privacy policy filters] on metadata.

Supplemental Guidance

All information (including metadata and the data to which the metadata applies) is subject to filtering and inspection. Some organizations distinguish between metadata and data payloads (i.e., only the data to which the metadata is bound). Other organizations do not make such distinctions and consider metadata and the data to which the metadata applies to be part of the payload.

CCI Identifiers (2)

CCI-002211When transferring information between different security domains, implement organization-defined security or privacy filters on metadata.CCI-003666Defines the security or privacy policy filters implemented when transferring information between security domains.

Linked STIG Checks (4)

Across 4 STIGs. Click to expand.