Which control specifically addresses interconnections between information systems?

Interconnections between information systems require a control that explicitly governs how systems connect and exchange data. The System Interconnections control is specifically designed for that purpose: it requires identifying and documenting all interconnections, obtaining proper authorization, and applying protections at the connection boundaries. It also covers interconnection security agreements and ongoing monitoring to manage risk where systems meet or share data, both internally and with external partners. This focused scope is why it best fits the question about interconnections. The other controls serve different purposes: Security Awareness Training deals with people and their behavior rather than technical links; Vulnerability Scanning targets finding weaknesses in systems; FIPS 199 provides criteria for classifying system security impact but doesn’t specifically address interconnections.