Table E-17: Tailoring Actions for System and Information Integrity Controls
NIST SP 800-53 MODERATE BASELINE SECURITY CONTROLS |
TAILORING |
|
SI-1 |
System and Information Integrity Policy and Procedures |
NFO |
SI-2 |
Flaw Remediation |
CUI |
SI-2(2) |
FLAW REMEDIATION | AUTOMATED FLAW REMEDIATION STATUS |
NCO |
SI-3 |
Malicious Code Protection |
CUI |
SI-3(1) |
MALICIOUS CODE PROTECTION | CENTRAL MANAGEMENT |
NCO |
SI-3(2) |
MALICIOUS CODE PROTECTION | AUTOMATIC UPDATES |
NCO |
SI-4 |
Information System Monitoring |
CUI |
SI-4(2) |
INFORMATION SYSTEM MONITORING | AUTOMATED TOOLS FOR REAL-TIME ANALYSIS |
NCO |
SI-4(4) |
INFORMATION SYSTEM MONITORING | INBOUND AND OUTBOUND COMMUNICATIONS TRAFFIC |
CUI |
SI-4(5) |
INFORMATION SYSTEM MONITORING | SYSTEM-GENERATED ALERTS |
NFO |
SI-5 |
Security Alerts, Advisories, and Directives |
CUI |
SI-7 |
Software, Firmware, and Information Integrity |
NCO |
SI-7(1) |
SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY | INTEGRITY CHECKS |
NCO |
SI-7(7) |
SOFTWARE, FIRMWARE, AND INFORMATION INTEGRITY | INTEGRATION OF DETECTION AND RESPONSE |
NCO |
SI-8 |
Spam Protection |
NCO |
SI-8(1) |
SPAM PROTECTION | CENTRAL MANAGEMENT |
NCO |
SI-8(2) |
SPAM PROTECTION | AUTOMATIC UPDATES |
NCO |
SI-10 |
Information Input Validation |
NCO |
SI-11 |
Error Handling |
NCO |
SI-12 |
Information Handling and Retention |
FED |
SI-16 |
Memory Protection |
NFO |