ID.AM-03:
Representations of the organization's authorized network communication and internal and external network data flows are maintained
Implementation Examples
Ex1:
Maintain baselines of communication and data flows within the organization's wired and wireless networks
Ex2:
Maintain baselines of communication and data flows between the organization and third parties
Ex3:
Maintain baselines of communication and data flows for the organization's infrastructure-as-a-service (IaaS) usage
Ex4:
Maintain documentation of expected network ports, protocols, and services that are typically used among authorized systems