SI-7(12): Integrity Verification

Control Family:

System And Information Integrity

Parent Control:

SI-7: Software, Firmware, And Information Integrity

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

Threats Addressed:

Tampering

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
SI-7(12): Integrity Verification

Control Statement

The organization requires that the integrity of [Assignment: organization-defined user-installed software] be verified prior to execution.

Supplemental Guidance

Organizations verify the integrity of user-installed software prior to execution to reduce the likelihood of executing malicious code or code that contains errors from unauthorized modifications. Organizations consider the practicality of approaches to verifying software integrity including, for example, availability of checksums of adequate trustworthiness from software developers or vendors.