SI-3(1): Central Management
Control is withdrawn in the next version of this control set and incorporated into: PL-9: Central Management.
The organization centrally manages malicious code protection mechanisms.
Central management is the organization-wide management and implementation of malicious code protection mechanisms. Central management includes planning, implementing, assessing, authorizing, and monitoring the organization-defined, centrally managed flaw malicious code protection security controls.