πΌ SR-11 Component Authenticity (L)(M)(H)
- Contextual name: πΌ SR-11 Component Authenticity (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/sr/11 - Located in: πΌ Supply Chain Risk Management
Descriptionβ
a. Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and
b. Report counterfeit system components to [Selection (one-or-more): source of counterfeit component; [Assignment: organization-defined external reporting organizations]; [Assignment: organization-defined personnel or roles]].
SR-11 Additional FedRAMP Requirements and Guidance:
Requirement: CSOs must ensure that their supply chain vendors provide authenticity of software and patches and the vendor must have a plan to protect the development pipeline.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/sr/11
- Internal
- ID:
dec-c-aa004b53
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ SR-11 Component Authenticity (L)(M)(H) | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ SR-11(1) Anti-counterfeit Training (L)(M)(H) | ||||
| πΌ SR-11(2) Configuration Control for Component Service and Repair (L)(M)(H) |