Navigate

SI-14 (1)

SI-14 (1): Refresh From Trusted Sources

The organization ensures that software and data employed during information system component and service refreshes are obtained from [Assignment: organization-defined trusted sources].

Supplemental

Trusted sources include, for example, software/data from write-once, read-only media or from selected off-line secure storage facilities.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
Int-A, Int-B, Int-C

Related Controls

The controls below (if any) were marked by NIST as being related to SI-14 (1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SI-14 (1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SI-14 (1).

CCI	Definition
CCI-002768	The organization defines the trusted sources from which it obtains software and data employed during the refreshing of non-persistent information system components and services.
CCI-002769	The organization ensures that software and data employed during non-persistent information system component and service refreshes are obtained from organization-defined trusted sources.