This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization documents in the security plan for the information system, the policies and procedures for the establishment and use of nonlocal maintenance and diagnostic connections.
NIST 800-53 (r4) Supplemental Guidance: None
References: FIPS Publications 140-2, 197, 201; NIST Special Publications 800-63, 800-88; CNSS Policy 15.
NIST 800-53 (r5) Discussion: None
38North Guidance:
Meets Minimum Requirement:
The security plan references the policies and procedures that contain the details on establishing a process for and using nonlocal maintenance and diagnostic connections
Best Practice:
TBD
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Review of MA-4(2) in the security plan
Copy of the references policy and procedures referenced in the security plan
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD