SI-3(2): Automatic Updates

CSF v1.1 References:


  • Moderate
  • High
Warning icon.

Control is withdrawn in the next version of this control set and incorporated into: SI-3: Malicious Code Protection.

Control Statement

The information system automatically updates malicious code protection mechanisms.

Supplemental Guidance

Malicious code protection mechanisms include, for example, signature definitions. Due to information system integrity and availability concerns, organizations give careful consideration to the methodology used to carry out automatic updates.