SI-7(1): Integrity Checks

CSF v1.1 References:

Threats Addressed:


  • Moderate
  • High

Previous Version:

Control Statement

Perform an integrity check of [Assignment: organization-defined software, firmware, and information] [Assignment (one or more): at startup, at [Assignment: organization-defined transitional states or security-relevant events] , [Assignment: organization-defined frequency] ].

Supplemental Guidance

Security-relevant events include the identification of new threats to which organizational systems are susceptible and the installation of new hardware, software, or firmware. Transitional states include system startup, restart, shutdown, and abort.