This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization employs automated tools that provide notification to [Assignment: organization-defined personnel or roles] upon discovering discrepancies during integrity verification.
NIST 800-53 (r4) Supplemental Guidance:
The use of automated tools to report integrity violations and to notify organizational personnel in a timely matter is an essential precursor to effective risk response. Personnel having an interest in integrity violations include, for example, mission/business owners, information system owners, systems administrators, software developers, systems integrators, and information security officers.
NIST 800-53 (r5) Discussion:
The employment of automated tools to report system and information integrity violations and to notify organizational personnel in a timely matter is essential to effective risk response. Personnel with an interest in system and information integrity violations include mission and business owners, system owners, senior agency information security official, senior agency official for privacy, system administrators, software developers, systems integrators, information security officers, and privacy officers.
38North Guidance:
Meets Minimum Requirement:
Employ automated mechanisms to alert personnel if unauthorized changes are detected (e.g., changes to the OS, tenant configurations, or core system files).
Best Practice: None
Unofficial FedRAMP Guidance: None
Assessment Evidence:
Integrity monitoring tool configurations and alerts.
Sample of alerts triggered by the integrity monitoring tool and the security lead who receives them.
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD