An error occurred:

CCI-000882

CCI-000882 Definition

Require that nonlocal maintenance and diagnostic services be performed from a system that implements a security capability comparable to the capability implemented on the system being serviced.
Status
Type CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if: - nonlocal maintenance services are required to be performed from a system that implements a security capability comparable to the capability implemented on the system being serviced. - nonlocal diagnostic services are required to be performed from a system that implements a security capability comparable to the capability implemented on the system being serviced.

Validation Procedures

Examine: [SELECT FROM: Maintenance policy; procedures addressing nonlocal system maintenance; service provider contracts and/or service-level agreements; maintenance records; inspection records; audit records; equipment sanitization records; media sanitization records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with system maintenance responsibilities; system maintenance provider; organizational personnel with information security responsibilities; organizational personnel responsible for media sanitization; system/network administrators]. Test: [SELECT FROM: Organizational processes for comparable security and sanitization for nonlocal maintenance; organizational processes for the removal, sanitization, and inspection of components serviced via nonlocal maintenance; mechanisms supporting and/or implementing component sanitization and inspection].