๐ผ SA-4(7) Acquisition Process | NIAP-approved Protection Profiles
- Contextual name: ๐ผ SA-4(7) Acquisition Process | NIAP-approved Protection Profiles
- ID:
/frameworks/nist-sp-800-53-r5/sa/04/07 - Located in: ๐ผ SA-4 Acquisition Process
Descriptionโ
(a) Limit the use of commercially provided information assurance and information assurance-enabled information technology products to those products that have been successfully evaluated against a National Information Assurance partnership (NIAP)-approved Protection Profile for a specific technology type, if such a profile exists; and (b) Require, if no NIAP-approved Protection Profile exists for a specific technology type but a commercially provided information technology product relies on cryptographic functionality to enforce its security policy, that the cryptographic module is FIPS-validated or NSA-approved.
Similarโ
- Internal
- ID:
dec-c-37917d9d
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|