SI-7(2): Automated Notifications Of Integrity Violations

Control Family:

System And Information Integrity

Parent Control:

SI-7: Software, Firmware, And Information Integrity

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

Threats Addressed:

Tampering

Baselines:

High

Next Version:

NIST Special Publication 800-53 Revision 5:
SI-7(2): Automated Notifications of Integrity Violations

Control Statement

The organization employs automated tools that provide notification to [Assignment: organization-defined personnel or roles] upon discovering discrepancies during integrity verification.

Supplemental Guidance

The use of automated tools to report integrity violations and to notify organizational personnel in a timely matter is an essential precursor to effective risk response. Personnel having an interest in integrity violations include, for example, mission/business owners, information system owners, systems administrators, software developers, systems integrators, and information security officers.