| 💼 SI-1 Policy and Procedures (L)(M)(H) | | | | |
| 💼 SI-2 Flaw Remediation (L)(M)(H) | 2 | | 10 | |
|     💼 SI-2(2) Automated Flaw Remediation Status (M)(H) | | | 2 | |
|     💼 SI-2(3) Time to Remediate Flaws and Benchmarks for Corrective Actions (M)(H) | | | | |
| 💼 SI-3 Malicious Code Protection (L)(M)(H) | | | 7 | |
| 💼 SI-4 System Monitoring (L)(M)(H) | 7 | | 7 | |
|     💼 SI-4(1) System-wide Intrusion Detection System (M)(H) | | | 1 | |
|     💼 SI-4(2) Automated Tools and Mechanisms for Real-time Analysis (M)(H) | | | | |
|     💼 SI-4(4) Inbound and Outbound Communications Traffic (M)(H) | | | 7 | |
|     💼 SI-4(5) System-generated Alerts (M)(H) | | | | |
|     💼 SI-4(16) Correlate Monitoring Information (M)(H) | | | | |
|     💼 SI-4(18) Analyze Traffic and Covert Exfiltration (M)(H) | | | | |
|     💼 SI-4(23) Host-based Devices (M)(H) | | | | |
| 💼 SI-5 Security Alerts, Advisories, and Directives (L)(M)(H) | | | | |
| 💼 SI-6 Security and Privacy Function Verification (M)(H) | | | | |
| 💼 SI-7 Software, Firmware, and Information Integrity (M)(H) | 2 | | 1 | |
|     💼 SI-7(1) Integrity Checks (M)(H) | | | 1 | |
|     💼 SI-7(7) Integration of Detection and Response (M)(H) | | | 1 | |
| 💼 SI-8 Spam Protection (M)(H) | 1 | | | |
|     💼 SI-8(2) Automatic Updates (M)(H) | | | | |
| 💼 SI-10 Information Input Validation (M)(H) | | | | |
| 💼 SI-11 Error Handling (M)(H) | | | | |
| 💼 SI-12 Information Management and Retention (L)(M)(H) | | | 2 | |
| 💼 SI-16 Memory Protection (M)(H) | | | | |