💼 SA-4 (7) NIAP-APPROVED PROTECTION PROFILES

Contextual name: 💼 SA-4 (7) NIAP-APPROVED PROTECTION PROFILES
ID: /frameworks/nist-sp-800-53-r4/sa/04/07
Located in: 💼 SA-4 ACQUISITION PROCESS

Description

The organization: SA-4 (7)(a) Limits the use of commercially provided information assurance (IA) and IA-enabled information technology products to those products that have been successfully evaluated against a National Information Assurance partnership (NIAP)-approved Protection Profile for a specific technology type, if such a profile exists; and SA-4 (7)(b) Requires, if no NIAP-approved Protection Profile exists for a specific technology type but a commercially provided information technology product relies on cryptographic functionality to enforce its security policy, that the cryptographic module is FIPS-validated.

Similar

Internal
- ID: dec-c-3b0e5372

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Sub Sections​

Description

Similar

Sub Sections