Skip to main content

💼 SI-12 Information Management and Retention

  • ID: /frameworks/nist-sp-800-53-r5/si/12

Description

Manage and retain information within the system and information output from the system in accordance with applicable laws, executive orders, directives, regulations, policies, standards, guidelines and operational requirements.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/backup/01
    • /frameworks/aws-fsbp-v1.0.0/documentdb/02
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/02
    • /frameworks/aws-fsbp-v1.0.0/efs/02
    • /frameworks/aws-fsbp-v1.0.0/elasticache/01
    • /frameworks/aws-fsbp-v1.0.0/emr/03
    • /frameworks/aws-fsbp-v1.0.0/neptune/05
    • /frameworks/aws-fsbp-v1.0.0/rds/11
  • Internal
    • ID: dec-c-5b37d6f4

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Backup.1] AWS Backup recovery points should be encrypted at rest1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.2] Amazon DocumentDB clusters should have an adequate backup retention periodno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.2] Amazon EFS volumes should be in backup plansno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.1] ElastiCache (Valkey and Redis OSS) clusters should have automatic backups enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EMR.3] Amazon EMR security configurations should be encrypted at restno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.5] Neptune DB clusters should have automated backups enabledno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.11] RDS instances should have automatic backups enabled1no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 FedRAMP High Security Controls → 💼 SI-12 Information Management and Retention (L)(M)(H)5no data
💼 FedRAMP Low Security Controls → 💼 SI-12 Information Management and Retention (L)(M)(H)5no data
💼 NIST CSF v2.0 → 💼 ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained5no data
💼 NIST CSF v2.0 → 💼 ID.AM-08: Systems, hardware, software, services, and data are managed throughout their life cycles25no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 SI-12(1) Information Management and Retention _ Limit Personally Identifiable Information Elementsno data
💼 SI-12(2) Information Management and Retention _ Minimize Personally Identifiable Information in Testing, Training, and Researchno data
💼 SI-12(3) Information Management and Retention _ Information Disposalno data

Policies (5)

PolicyLogic CountFlagsCompliance
🛡️ AWS Backup Vault contains unencrypted Recovery Points🟢1🟢 x6no data
🛡️ AWS DynamoDB Table Point In Time Recovery is not enabled🟢1🟢 x6no data
🛡️ AWS ElastiCache Redis Cluster automatic backups are not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance automated backups are not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢1🟢 x6no data