Navigate

CCI-002768

CCI-002768 Definition

Defines the trusted sources from which it obtains software and data employed during the refreshing of non-persistent system components and services.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed defines and documents the trusted sources from which it obtains software and data employed during the refreshing of non-persistent information system component and service. DoD has determined the trusted sources are not appropriate to define at the Enterprise level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented trusted sources to ensure the organization being inspected/assessed defines the trusted sources from which it obtains software and data employed during the refreshing of non-persistent information system component and service. DoD has determined the trusted sources are not appropriate to define at the Enterprise level.

Compelling Evidence

1.) Signed and dated System security plan defines the trusted sources from which it obtains software and data employed during the refreshing of non-persistent information system component and service.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002768.

Control	Description
SI-14(1)	The organization ensures that software and data employed during information system component and service refreshes are obtained from [one of ].