Navigate

CCI-002728

CCI-002728 Definition

Defines the system components on which organization-defined mechanisms will be implemented to protect the integrity of the boot firmware.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents the devices on which organization-defined security safeguards will be implemented to protect the integrity of the boot firmware. DoD has determined the devices are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented devices to ensure the organization being inspected/assessed defines the devices on which organization-defined security safeguards will be implemented to protect the integrity of the boot firmware. DoD has determined the devices are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated System security plan with reference to section that defines the devices on which organization-defined security safeguards will be implemented to protect the integrity of the boot firmware.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002728.

Control	Description
SI-7(10)	The information system implements [one of ] to protect the integrity of boot firmware in [one of ].