πΌ SI-5 Security Alerts, Advisories, and Directives (L)(M)(H)
- Contextual name: πΌ SI-5 Security Alerts, Advisories, and Directives (L)(M)(H)
- ID:
/frameworks/fedramp-low-security-controls/si/05 - Located in: πΌ System and Information Integrity
Descriptionβ
a. Receive system security alerts, advisories, and directives from [FedRAMP Assignment: to include US-CERT and Cybersecurity and Infrastructure Security Agency (CISA) Directives] on an ongoing basis;
b. Generate internal security alerts, advisories, and directives as deemed necessary;
c. Disseminate security alerts, advisories, and directives to: [Selection (one-or-more): [FedRAMP Assignment: to include system security personnel and administrators with configuration/patch-management responsibilities]; [Assignment: organization-defined elements within the organization]; [Assignment: organization-defined external organizations]]; and
d. Implement security directives in accordance with established time frames, or notify the issuing organization of the degree of noncompliance.
SI-5 Additional FedRAMP Requirements and Guidance:
Requirement: Service Providers must address the CISA Emergency and Binding Operational Directives applicable to their cloud service offering per FedRAMP guidance. This includes listing the applicable directives and stating compliance status.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/si/05/frameworks/fedramp-high-security-controls/si/05
- Internal
- ID:
dec-c-c3491572
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ SI-5 Security Alerts, Advisories, and Directives (L)(M)(H) | 1 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-5 Security Alerts, Advisories, and Directives | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|