Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization verifies that all components within the authorization boundary of the information system are not duplicated in other information system inventories.
NIST 800-53 (r4) Supplemental Guidance:
This control enhancement addresses the potential problem of duplicate accounting of information system components in large or complex interconnected systems.
NIST 800-53 (r5) Discussion:
Withdrawn: Incorporated into CM-8.
38North Guidance:
Meets Minimum Requirement:
Maintain an asset inventory that details all information system components deployed within the environment and ensure that all hardware and software components are not duplicated in other asset inventories.
Best Practice:
TBD
Unofficial FedRAMP Guidance:
TBD
Assessment Evidence:
Observe the inventory process showing how inventory is generated prior to running a vulnerability scan
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD
Page updated
Report abuse