zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-05 09:21:54 +02:00
Code Issues Projects Releases Packages Wiki Activity
manage.get.gov/docs/compliance/dist/system-security-plans/ato/sr-11.md
Logan McDonald 1d3dfdb8d5
Add compliance documentation to source control (#116) 
* add initial setup of compliance-trestle
2022-09-14 08:46:43 -04:00

1.8 KiB
Raw Blame History

implementation-status control-origination
c-not-implemented
c-inherited-cloud-gov
c-inherited-cisa
c-common-control
c-system-specific-control

sr-11 - [catalog] Component Authenticity

Control Statement

  • [a] Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and

  • [b] Report counterfeit system components to No value found.

Control guidance

Sources of counterfeit components include manufacturers, developers, vendors, and contractors. Anti-counterfeiting policies and procedures support tamper resistance and provide a level of protection against the introduction of malicious code. External reporting organizations include CISA.

Control assessment-objective

an anti-counterfeit policy is developed and implemented; anti-counterfeit procedures are developed and implemented; the anti-counterfeit procedures include the means to detect counterfeit components entering the system; the anti-counterfeit procedures include the means to prevent counterfeit components from entering the system; counterfeit system components are reported to No value found.

What is the solution and how is it implemented?

Implementation a.

Add control implementation description here for item sr-11_smt.a

Implementation b.

Add control implementation description here for item sr-11_smt.b