compliance controls are associated with this Policy definition 'Create alternative actions for identified anomalies' (cc2f7339-2fac-1ea9-9ca3-cd530fbb0da2)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| FedRAMP_High_R4 |
SI-6 |
FedRAMP_High_R4_SI-6 |
FedRAMP High SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| FedRAMP_Moderate_R4 |
SI-6 |
FedRAMP_Moderate_R4_SI-6 |
FedRAMP Moderate SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| hipaa |
0204.09j2Organizational.1-09.j |
hipaa-0204.09j2Organizational.1-09.j |
0204.09j2Organizational.1-09.j |
02 Endpoint Protection |
0204.09j2Organizational.1-09.j 09.04 Protection Against Malicious and Mobile Code |
Shared |
n/a |
Scans for malicious software are performed on boot and every 12 hours. |
|
11 |
| hipaa |
1785.10a1Organizational.8-10.a |
hipaa-1785.10a1Organizational.8-10.a |
1785.10a1Organizational.8-10.a |
17 Risk Management |
1785.10a1Organizational.8-10.a 10.01 Security Requirements of Information Systems |
Shared |
n/a |
Where additional functionality is supplied and causes a security risk, the functionality is disabled or mitigated through application of additional controls. |
|
5 |
| NIST_SP_800-53_R4 |
SI-6 |
NIST_SP_800-53_R4_SI-6 |
NIST SP 800-53 Rev. 4 SI-6 |
System And Information Integrity |
Security Function Verification |
Shared |
n/a |
The information system:
a. Verifies the correct operation of [Assignment: organization-defined security functions];
b. Performs this verification [Selection (one or more): [Assignment: organization-defined system transitional states]; upon command by user with appropriate privilege; [Assignment: organization-defined frequency]];
c. Notifies [Assignment: organization-defined personnel or roles] of failed security verification tests; and
d. [Selection (one or more): shuts the information system down; restarts the information system; [Assignment: organization-defined alternative action(s)]] when anomalies are discovered.
Supplemental Guidance: Transitional states for information systems include, for example, system startup, restart, shutdown, and abort. Notifications provided by information systems include, for example, electronic alerts to system administrators, messages to local computer consoles, and/or hardware indications such as lights. Related controls: CA-7, CM-6.
References: None. |
link |
4 |
| NIST_SP_800-53_R5 |
SI-6 |
NIST_SP_800-53_R5_SI-6 |
NIST SP 800-53 Rev. 5 SI-6 |
System and Information Integrity |
Security and Privacy Function Verification |
Shared |
n/a |
a. Verify the correct operation of [Assignment: organization-defined security and privacy functions];
b. Perform the verification of the functions specified in SI-6a [Selection (OneOrMore): [Assignment: organization-defined system transitional states] ;upon command by user with appropriate privilege; [Assignment: organization-defined frequency] ] ;
c. Alert [Assignment: organization-defined personnel or roles] to failed security and privacy verification tests; and
d. [Selection (OneOrMore): Shut the system down;Restart the system; [Assignment: organization-defined alternative action(s)] ] when anomalies are discovered. |
link |
4 |
| PCI_DSS_v4.0 |
10.7.1 |
PCI_DSS_v4.0_10.7.1 |
PCI DSS v4.0 10.7.1 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems:
• Network security controls
• IDS/IPS
• FIM
• Anti-malware solutions
• Physical access controls
• Logical access controls
• Audit logging mechanisms
• Segmentation controls (if used) |
link |
5 |
| PCI_DSS_v4.0 |
10.7.2 |
PCI_DSS_v4.0_10.7.2 |
PCI DSS v4.0 10.7.2 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of critical security control systems are detected, alerted, and addressed promptly, including but not limited to failure of the following critical security control systems:
• Network security controls
• IDS/IPS
• Change-detection mechanisms
• Anti-malware solutions
• Physical access controls
• Logical access controls
• Audit logging mechanisms
• Segmentation controls (if used)
• Audit log review mechanisms
• Automated security testing tools (if used) |
link |
5 |
| PCI_DSS_v4.0 |
10.7.3 |
PCI_DSS_v4.0_10.7.3 |
PCI DSS v4.0 10.7.3 |
Requirement 10: Log and Monitor All Access to System Components and Cardholder Data |
Failures of critical security control systems are detected, reported, and responded to promptly |
Shared |
n/a |
Failures of any critical security controls systems are responded to promptly, including but not limited to:
• Restoring security functions.
• Identifying and documenting the duration (date and time from start to end) of the security failure.
• Identifying and documenting the cause(s) of failure and documenting required remediation.
• Identifying and addressing any security issues that arose during the failure.
• Determining whether further actions are required as a result of the security failure.
• Implementing controls to prevent the cause of failure from reoccurring.
• Resuming monitoring of security controls. |
link |
4 |
| SWIFT_CSCF_v2022 |
8.4 |
SWIFT_CSCF_v2022_8.4 |
SWIFT CSCF v2022 8.4 |
8. Set and Monitor Performance |
Ensure availability, capacity, and quality of services to customers |
Shared |
n/a |
Ensure availability, capacity, and quality of services to customers |
link |
7 |