
System and Information Integrity

NIST SP 800-53 Rev 5 System and Information Integrity controls.

SI-01 Medium

Policy and Procedures

Develop, document, and disseminate to [parameter]:

SI-02 Medium

Flaw Remediation

Identify, report, and correct system flaws;

SI-03 Medium

Malicious Code Protection

Implement [parameter] malicious code protection mechanisms at system entry and exit points to detect and eradicate malicious code;

SI-04 Medium

System Monitoring

Monitor the system to detect:

SI-05 Medium

Security Alerts, Advisories, and Directives

Receive system security alerts, advisories, and directives from [parameter] on an ongoing basis;

SI-06 Medium

Security and Privacy Function Verification

Verify the correct operation of [parameter];

SI-07 Medium

Software, Firmware, and Information Integrity

Employ integrity verification tools to detect unauthorized changes to the following software, firmware, and information: [parameter]; and

SI-08 Medium

Spam Protection

Employ spam protection mechanisms at system entry and exit points to detect and act on unsolicited messages; and

SI-09 Medium

Information Input Restrictions

Information Input Restrictions

SI-10 Medium

Information Input Validation

Check the validity of the following information inputs: [parameter].

SI-11 Medium

Error Handling

Generate error messages that provide information necessary for corrective actions without revealing information that could be exploited; and

SI-12 Medium

Information Management and Retention

Manage and retain information within the system and information output from the system in accordance with applicable laws, executive orders, directives, regulations, policies, standards, guidelines and operational requirements.

SI-13 Medium

Predictable Failure Prevention

Determine mean time to failure (MTTF) for the following system components in specific environments of operation: [parameter]; and

SI-14 Medium

Non-persistence

Implement non-persistent [parameter] that are initiated in a known state and terminated [parameter].

SI-15 Medium

Information Output Filtering

Validate information output from the following software programs and/or applications to ensure that the information is consistent with the expected content: [parameter].

SI-16 Medium

Memory Protection

Implement the following controls to protect the system memory from unauthorized code execution: [parameter].

SI-17 Medium

Fail-safe Procedures

Implement the indicated fail-safe procedures when the indicated failures occur: [parameter].

SI-18 Medium

Personally Identifiable Information Quality Operations

Check the accuracy, relevance, timeliness, and completeness of personally identifiable information across the information life cycle [parameter]; and

SI-19 Medium

De-identification

Remove the following elements of personally identifiable information from datasets: [parameter]; and

SI-20 Medium

Tainting

Embed data or capabilities in the following systems or system components to determine if organizational data has been exfiltrated or improperly removed from the organization: [parameter].

SI-21 Medium

Information Refresh

Refresh [parameter] at [parameter] or generate the information on demand and delete the information when no longer needed.

SI-22 Medium

Information Diversity

Identify the following alternative sources of information for [parameter]: [parameter]; and

SI-23 Medium

Information Fragmentation

Based on [parameter]: