NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-4(2)Multilevel or Periods Processing

Prevent unauthorized information transfer via shared resources in accordance with {{ insert: param, sc-04.02_odp }} when system processing explicitly switches between different information classification levels or security categories.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Changes in processing levels can occur during multilevel or periods processing with information at different classification levels or security categories. It can also occur during serial reuse of hardware components at different classification levels. Organization-defined procedures can include approved sanitization processes for electronically stored information.

Practitioner Notes

During multilevel or periods processing — where a system switches between handling data at different classification levels — shared resources must be sanitized according to approved procedures before the switch.

Example 1: Before switching a workstation from processing SECRET data to UNCLASSIFIED data, follow your approved sanitization procedure: clear memory, flush caches, and verify no residual classified data remains using approved tools.

Example 2: On shared printers that handle documents at multiple classification levels, configure the device to purge its internal memory and print queue completely between classification level changes, and display the current operating level on the printer console.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability