💼 SA-4 (7) NIAP-APPROVED PROTECTION PROFILES
- ID:
/frameworks/nist-sp-800-53-r4/sa/04/07
Description​
The organization: SA-4 (7)(a) Limits the use of commercially provided information assurance (IA) and IA-enabled information technology products to those products that have been successfully evaluated against a National Information Assurance partnership (NIAP)-approved Protection Profile for a specific technology type, if such a profile exists; and SA-4 (7)(b) Requires, if no NIAP-approved Protection Profile exists for a specific technology type but a commercially provided information technology product relies on cryptographic functionality to enforce its security policy, that the cryptographic module is FIPS-validated.
Similar​
- Internal
- ID:
dec-c-3b0e5372
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|