Skip to main content

💼 SI-12 Information Management and Retention

  • ID: /frameworks/nist-sp-800-53-r5/si/12

Stats

not available

Description

Manage and retain information within the system and information output from the system in accordance with applicable laws, executive orders, directives, regulations, policies, standards, guidelines and operational requirements.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/backup/01
    • /frameworks/aws-fsbp-v1.0.0/documentdb/02
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/02
    • /frameworks/aws-fsbp-v1.0.0/efs/02
    • /frameworks/aws-fsbp-v1.0.0/elasticache/01
    • /frameworks/aws-fsbp-v1.0.0/emr/03
    • /frameworks/aws-fsbp-v1.0.0/neptune/05
    • /frameworks/aws-fsbp-v1.0.0/rds/11
  • Internal
    • ID: dec-c-5b37d6f4

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Backup.1] AWS Backup recovery points should be encrypted at rest1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DocumentDB.2] Amazon DocumentDB clusters should have an adequate backup retention period1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.2] Amazon EFS volumes should be in backup plansno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.1] ElastiCache (Redis OSS) clusters should have automatic backups enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EMR.3] Amazon EMR security configurations should be encrypted at rest1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Neptune.5] Neptune DB clusters should have automated backups enabled1no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.11] RDS instances should have automatic backups enabled1no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 FedRAMP High Security Controls → 💼 SI-12 Information Management and Retention (L)(M)(H)8no data
💼 FedRAMP Low Security Controls → 💼 SI-12 Information Management and Retention (L)(M)(H)8no data
💼 NIST CSF v2.0 → 💼 ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained8no data
💼 NIST CSF v2.0 → 💼 ID.AM-08: Systems, hardware, software, services, and data are managed throughout their life cycles28no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 SI-12(1) Information Management and Retention _ Limit Personally Identifiable Information Elementsno data
💼 SI-12(2) Information Management and Retention _ Minimize Personally Identifiable Information in Testing, Training, and Researchno data
💼 SI-12(3) Information Management and Retention _ Information Disposalno data

Policies (8)

PolicyLogic CountFlagsCompliance
🛡️ AWS Backup Vault contains unencrypted Recovery Points🟢1🟢 x6no data
🛡️ AWS DynamoDB Table does not have on-demand backups in the past 90 days🟢1🟢 x6no data
🛡️ AWS DynamoDB Table Point In Time Recovery is not enabled🟢1🟢 x6no data
🛡️ AWS ElastiCache Redis Cluster automatic backups are not enabled🟢1🟢 x6no data
🛡️ AWS EMR Cluster encryption is disabled🟢⚪🟢 x2, ⚪ x1no data
🛡️ AWS RDS Cluster Backup Retention Period is less than 7 days🟢1🟢 x6no data
🛡️ AWS RDS Instance automated backups are not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢1🟢 x6no data