Navigate

SI-14(1)

SI-14(1): Refresh from Trusted Sources

The organization ensures that software and data employed during information system component and service refreshes are obtained from [organization-defined trusted sources].

Supplemental

Trusted sources include, for example, software/data from write-once, read-only media or from selected off-line secure storage facilities.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to SI-14(1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SI-14(1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SI-14(1).

CCI	Definition
CCI-002768	Defines the trusted sources from which it obtains software and data employed during the refreshing of non-persistent system components and services.
CCI-002769	Obtain software and data employed during non-persistent system component and service refreshes are obtained from organization-defined trusted sources.