CCI-003352

The organization inspects organization-defined information systems, system components, or devices at random, at an organization-defined frequency, and/or upon organization-defined indications of need for inspection to detect tampering.

Implementation Guidance

The organization being inspected/assessed documents and implements a process to inspect information systems, system components, or devices defined in SA-18 (2), CCI 3353 at random, at a frequency defined in SA-18 (2), CCI 3354, and/or upon indications of need for inspection defined in SA-18 (2), CCI 3355 to detect tampering. The organization must maintain a record of inspections.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process as well as the record of inspections to ensure the organization being inspected/assessed inspects information systems, system components, or devices defined in SA-18 (2), CCI 3353 at random, at a frequency defined in SA-18 (2), CCI 3354, and/or upon indications of need for inspection defined in SA-18 (2), CCI 3355 to detect tampering.

Compelling Evidence

1.) System security plan (SSP). 2.) System development life cycle (SDLC) documentation. 3.) Continuous monitoring plan for requiring inspections of organization-defined information systems, system components, or devices at random, at organization-defined frequency, and/or upon organization-defined indications of need for inspection to detect tampering.

The controls below (if any) were marked by NIST as being related to CCI-003352.