CCI-001300

Employ automated tools that provide notification to organization-defined personnel or roles upon discovering discrepancies during integrity verification.

Implementation Guidance

The organization being inspected/assessed documents and implements automated tools that provide notification to at a minimum, the ISSO and ISSM upon discovering discrepancies during integrity verification. DoD has defined the personnel or roles as at a minimum, the ISSO and ISSM.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines documentation of the use of the identified automated tools to ensure the organization being inspected/assessed employs automated tools that provide notification to at a minimum, the ISSO and ISSM upon discovering discrepancies during integrity verification. The organization being inspected/assessed may be required to demonstrate use of their identified automated tools. DoD has defined the personnel or roles as at a minimum, the ISSO and ISSM.

Compelling Evidence

1.) Signed and dated System security plan documents the use of the identified automated tools to ensure the organization being inspected/assessed employs automated tools that provide notification to at a minimum, the ISSO and ISSM upon discovering discrepancies during integrity verification.

The controls below (if any) were marked by NIST as being related to CCI-001300.