Navigate

SI-7 (13)

SI-7 (13): Code Execution In Protected Environments

The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles].

Supplemental

This control enhancement applies to all sources of binary or machine-executable code including, for example, commercial software/firmware and open source software.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to SI-7 (13).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SI-7 (13).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SI-7 (13).

CCI	Definition
CCI-002734	The organization defines the personnel or roles which have the authority to explicitly approve binary or machine-executable code.
CCI-002735	The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only in confined physical or virtual machine environments.
CCI-002736	The organization allows execution of binary or machine-executable code obtained from sources with limited or no warranty and without the provision of source code only with the explicit approval of organization-defined personnel or roles.