SR-11 Component Authenticity (L)(M)(H)
- Contextual name: SR-11 Component Authenticity (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/sr/11
- Located in: Supply Chain Risk Management
Description
a. Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and
b. Report counterfeit system components to [Selection (one-or-more): source of counterfeit component; [Assignment: organization-defined external reporting organizations]; [Assignment: organization-defined personnel or roles]].
SR-11 Additional FedRAMP Requirements and Guidance:
Requirement: CSOs must ensure that their supply chain vendors provide authenticity of software and patches and the vendor must have a plan to protect the development pipeline.
Similar
- Sections
/frameworks/nist-sp-800-53-r5/sr/11
- Internal
- ID:
dec-c-aa004b53
- ID:
Similar Sections (Take Policies From)
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
NIST SP 800-53 Revision 5 → SR-11 Component Authenticity | 3 | | | |
Similar Sections (Give Policies To)
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
FedRAMP Low Security Controls → SR-11 Component Authenticity (L)(M)(H) | 2 | | | |
FedRAMP Moderate Security Controls → SR-11 Component Authenticity (L)(M)(H) | 2 | | | |
Sub Sections
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
SR-11(1) Anti-counterfeit Training (L)(M)(H) | | | | |
SR-11(2) Configuration Control for Component Service and Repair (L)(M)(H) | | | | |