Policies Section

System and information integrity (from NIST)

This list of system and information integrity controls and their descriptions is meant to tie the system and information integrity controls to concrete activities and behaviors. For NIST's own descriptions, see NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems.

  • System and information integrity policy and procedures - These policies and procedures include anti-virus and malware policy, system update policy, system lockdown policy, server monitoring policy, intrusion detection plan, and incident response plan. (low)
  • Flaw remediation - System flaws are monitored for and repaired in a timely manner to protect the integrity of the information system. Vulnerabilities must be repaired promptly as a preventative measure against attacks. Fixes should be tested for side effects to be sure the patches do not break currently working functions. (low)
  • Malicious code protection - Virus and malware protection is in place at system entry and exit points. Virus and malware protection should exist on workstations, and malware may be filtered or blocked as it tries to pass through firewalls, mail servers, proxy servers, or other devices. Virus and malware protection should be centrally managed in moderate-sized or large organizations and kept updated in all organizations. (low)
  • Intrusion detection tools and techniques - Tools and methods are used to monitor for attacks or unauthorized use of information systems or the network. Automated tools may be used to support near-real-time analysis of events. (moderate)
  • Security alerts and advisories - Security alerts and advisories are received by appropriate staff members in the organization who take timely action to remediate threats. (low)
  • Security functionality verification - When an abnormal condition is automatically detected on the computer system, the system can, within a preset time period, take one of several actions, such as shutting the system down or notifying a system administrator. (moderate)
  • Software and information integrity - The computer system monitors for unauthorized changes to data or software. (high)
  • Spam and spyware protection - The organization implements protection against spam and spyware to reduce security incidents and prevent loss of productivity. Protection may be applied to both workstations and servers, including network devices such as firewalls, mail servers, and proxy servers. (moderate)
  • Information input restrictions - Only authorized people can put information into the computer system. (moderate)
  • Information input accuracy, completeness, and validity - Information put on the system is checked for accuracy, completeness, and validity. (moderate)
  • Error handling - Error messages provided by the computer system and application software should be useful and timely without revealing information that can be used by an attacker. Sensitive information should not be a part of error logs. (moderate)
  • Information output handling and retention - Information output by the organization is processed and retained in records according to the organization's policies. (moderate)