SI-03.4: Updates Only by Privileged Users

SI-03.4 · Updates Only by Privileged Users

Control Description

Update malicious code protection mechanisms only when directed by a privileged user.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

organization

Enhancement

Control Statement

The control requirements

Update malicious code protection mechanisms only when directed by a privileged user.

Supplemental Guidance

Protection mechanisms for malicious code are typically categorized as security-related software and, as such, are only updated by organizational personnel with appropriate access privileges.

Related NIST Controls

Other NIST 800-53 controls related to this one

CM-05