CCI-002512

Implement specific procedures for organization-defined authorized individuals to manually re-enable hardware write-protect prior to returning to operational mode.

Implementation Guidance

Determine if: - specific procedures are implemented for [SC-51_ODP[02]; authorized individuals requiring procedures for disabling and re-enabling hardware write-protect are defined] to manually disable hardware write-protect for firmware modifications. - specific procedures are implemented for [SC-51_ODP[02]; authorized individuals requiring procedures for disabling and re-enabling hardware write-protect are defined] to re-enable the write-protect prior to returning to operational mode.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing firmware modifications; system design documentation; system configuration settings and associated documentation; system architecture; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel installing, configuring, and/or maintaining the system; system developers/integrators]. Test: [SELECT FROM: Organizational processes for modifying system firmware; mechanisms supporting and/or implementing hardware-based write-protection for system firmware].

The controls below (if any) were marked by NIST as being related to CCI-002512.