SI-2(2): Automated Flaw Remediation Status

Control Family:

System and Information Integrity

Parent Control:

SI-2: Flaw Remediation

CSF v1.1 References:

ID.RA-1
PR.IP-12

Threats Addressed:

Tampering
Elevation of Privilege
Lateral Movement

Baselines:

Moderate
High

Previous Version:

NIST Special Publication 800-53 Revision 4:
SI-2(2): Automated Flaw Remediation Status

Control Statement

Determine if system components have applicable security-relevant software and firmware updates installed using [Assignment: organization-defined automated mechanisms] [Assignment: organization-defined frequency].

Supplemental Guidance

Automated mechanisms can track and determine the status of known flaws for system components.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5

Critical Security Controls Version 8