SR-10: Inspection of Systems or Components

CSF v1.1 References:

CSF v2.0 References:

Threats Addressed:

Baselines:

  • Low
    • SR-10
  • Moderate
    • SR-10
  • High
    • SR-10
  • Privacy

    N/A

Info icon.

Control is new to this version of the control set and incorporates the following item from the previous version: SA-18(2): Inspection Of Information Systems, Components, Or Devices.

Control Statement

Inspect the following systems or system components [Assignment (one or more): at random, at [Assignment: organization-defined frequency], upon [Assignment: organization-defined indications of need for inspection] ] to detect tampering: [Assignment: organization-defined systems or system components].

Supplemental Guidance

The inspection of systems or systems components for tamper resistance and detection addresses physical and logical tampering and is applied to systems and system components removed from organization-controlled areas. Indications of a need for inspection include changes in packaging, specifications, factory location, or entity in which the part is purchased, and when individuals return from travel to high-risk locations.