| Applicable (Y)es / (N)o | (C)onfidentiality | (I)ntegrity | (A)vailability | RPN (C+I+A) | (S)atisfactory / (O)ther than satisfactory +## |
| --- | --- | --- | --- | --- | --- |
| | L1 / M2 / H3 | L1 / M2 / H3 | L1 / M2 / H3 | | |

###
si-4(3) | information system monitoring | automated tool integration

assessment objective: Determine if the organization, for rapid response to attacks by enabling reconfiguration of intrusion detection tools in support of attack isolation and elimination, employs automated tools to integrate intrusion detection tools into:

si-4(3)[1] | access control mechanisms; and

si-4(3)[2] | flow control mechanisms.

potential assessment methods and objects:

Examine: [select from: System and information integrity policy; access control policy and procedures; procedures addressing information system monitoring tools and techniques; information system design documentation; information system monitoring tools and techniques documentation; information system configuration settings and associated documentation; information system audit records; other relevant documents or records].

Interview: [select from: System/network administrators; organizational personnel with information security responsibilities; organizational personnel installing, configuring, and/or maintaining the information system; organizational personnel with responsibility for monitoring the information system; organizational personnel with responsibility for the intrusion detection system].

Test: [select from: Organizational processes for intrusion detection/information system monitoring; automated mechanisms supporting and/or implementing intrusion detection/information system monitoring capability; automated mechanisms/tools supporting and/or implementing access/flow control capability; automated mechanisms/tools supporting and/or implementing integration of intrusion detection tools into access/flow control mechanisms].