SC-34(2): Integrity Protection / Read-Only Media

Threats Addressed:


(Not part of any baseline)

Next Version:

Control Statement

The organization protects the integrity of information prior to storage on read-only media and controls the media after such information has been recorded onto the media.

Supplemental Guidance

Security safeguards prevent the substitution of media into information systems or the reprogramming of programmable read-only media prior to installation into the systems. Security safeguards include, for example, a combination of prevention, detection, and response.