| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.Vector.CN01 | Validate Embeddings Before Indexing | Ensure all incoming embeddings are structurally and statistically validated before indexing to prevent poisoning or corruption. | Ingestion | 3 | 1 | 1 |
| CCC.Vector.CN02 | Enforce Role-Based Index Lifecycle Management | Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls. | Access | 3 | 1 | 1 |
| CCC.Vector.CN03 | Enforce Metadata-Level Access Controls | Apply access control policies to metadata fields used in filtering to prevent unauthorized exposure or inference. | Access | 2 | 3 | 1 |
| CCC.Vector.CN04 | Enforce Ingestion Quotas and Throttling | Prevent ingestion-based DoS or index pollution by rate-limiting vector submissions and enforcing quotas. | Ingestion | 2 | 1 | 1 |
| CCC.Vector.CN05 | Enforce Index Versioning with Rollback Protection | Ensure vector indexes are versioned and that rollback operations are authorized and auditable. | Resource | 3 | 1 | 1 |
| CCC.Vector.CN06 | Enforce Dimensional and Format Constraints | Reject embeddings that do not conform to expected model specifications (dimensions, format, etc). | Ingestion | 2 | 1 | 1 |
| CCC.Vector.CN07 | Support Explicit ANN vs. Exact Search Configuration | Provide clients with the option to enforce exact-match (non-ANN) search where search fidelity is critical. | Processing | 1 | 0 | 1 |
Database / Vector
CCC Managed Vector Store Controls
Version: DEV