CCI-000876
CCI-000876 Definition
Allow the use of nonlocal maintenance and diagnostic tools only as consistent with organizational policy and documented in the security plan for the system.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed: 1. documents within the Security Plan the non-local maintenance and diagnostic tools that are allowed; and 2. allows the use of non-local maintenance and diagnostic tools IAW the tools identified in the Security Plan and MA-4, CCI 873.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines: 1. the Security Plan to ensure non-local maintenance and diagnostic tools have been identified; and 2. maintenance records to ensure only those tools allowed are used IAW MA-4, CCI 873.
Compelling Evidence
1.) Signed and dated Security Plan, which identifies authorized non-local maintenance and diagnostic tools 3.) Maintenance records