πΌ SI-7 Software, Firmware, and Information Integrity
Descriptionβ
a. Employ integrity verification tools to detect unauthorized changes to the following software, firmware, and information: [Assignment: organization-defined software, firmware, and information]; and
b. Take the following actions when unauthorized changes to the software, firmware, and information are detected: [Assignment: organization-defined actions].
Similarβ
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
| πΌ FedRAMP High Security Controls β πΌ SI-7 Software, Firmware, and Information Integrity (M)(H) | 5 | | 1 | |
| πΌ NIST CSF v2.0 β πΌ DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events | | | 89 | |
| πΌ NIST CSF v2.0 β πΌ ID.RA-09: The authenticity and integrity of hardware and software are assessed prior to acquisition and use | | | | |
| πΌ NIST CSF v2.0 β πΌ PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected | | | 82 | |
| πΌ NIST CSF v2.0 β πΌ PR.DS-02: The confidentiality, integrity, and availability of data-in-transit are protected | | | 69 | |
| πΌ NIST CSF v2.0 β πΌ PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected | | | 67 | |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
| πΌ SI-7(1) Software, Firmware, and Information Integrity _ Integrity Checks | | | 1 | |
| πΌ SI-7(2) Software, Firmware, and Information Integrity _ Automated Notifications of Integrity Violations | | | | |
| πΌ SI-7(3) Software, Firmware, and Information Integrity _ Centrally Managed Integrity Tools | | | 1 | |
| πΌ SI-7(4) Software, Firmware, and Information Integrity _ Tamper-evident Packaging | | | | |
| πΌ SI-7(5) Software, Firmware, and Information Integrity _ Automated Response to Integrity Violations | | | | |
| πΌ SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection | | | 6 | |
| πΌ SI-7(7) Software, Firmware, and Information Integrity _ Integration of Detection and Response | | | 1 | |
| πΌ SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events | | | 6 | |
| πΌ SI-7(9) Software, Firmware, and Information Integrity _ Verify Boot Process | | | | |
| πΌ SI-7(10) Software, Firmware, and Information Integrity _ Protection of Boot Firmware | | | | |
| πΌ SI-7(11) Software, Firmware, and Information Integrity _ Confined Environments with Limited Privileges | | | | |
| πΌ SI-7(12) Software, Firmware, and Information Integrity _ Integrity Verification | | 18 | 20 | |
| πΌ SI-7(13) Software, Firmware, and Information Integrity _ Code Execution in Protected Environments | | | | |
| πΌ SI-7(14) Software, Firmware, and Information Integrity _ Binary or Machine Executable Code | | | | |
| πΌ SI-7(15) Software, Firmware, and Information Integrity _ Code Authentication | | | | |
| πΌ SI-7(16) Software, Firmware, and Information Integrity _ Time Limit on Process Execution Without Supervision | | | | |
| πΌ SI-7(17) Software, Firmware, and Information Integrity _ Runtime Application Self-protection | | | | |