SI-14(1): Refresh From Trusted Sources

Control Family:

System And Information Integrity

Parent Control:

SI-14: Non-Persistence

Priority:

P0: Security control not selected in any baseline.

CSF v1.1 References:

PR.IP-2

Threats Addressed:

Elevation of Privilege

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SI-14(1): Refresh from Trusted Sources

Control Statement

The organization ensures that software and data employed during information system component and service refreshes are obtained from [Assignment: organization-defined trusted sources].

Supplemental Guidance

Trusted sources include, for example, software/data from write-once, read-only media or from selected off-line secure storage facilities.