SI-3(4): Updates Only by Privileged Users

Control Family:

System and Information Integrity

Parent Control:

SI-3: Malicious Code Protection

CSF v1.1 References:

DE.CM-4
DE.DP-3

Threats Addressed:

Tampering
Elevation of Privilege
Lateral Movement

Baselines:

(Not part of any baseline)

Previous Version:

NIST Special Publication 800-53 Revision 4:
SI-3(4): Updates Only By Privileged Users

Control Statement

Update malicious code protection mechanisms only when directed by a privileged user.

Supplemental Guidance

Protection mechanisms for malicious code are typically categorized as security-related software and, as such, are only updated by organizational personnel with appropriate access privileges.

Control Statement

Supplemental Guidance

Related Controls

NIST Special Publication 800-53 Revision 5