SI-07.12: Integrity Verification

SI-07.12 · Integrity Verification

Control Description

Require that the integrity of the following user-installed software be verified prior to execution: {{ insert: param, si-07.12_odp }}.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

organization

Assurance

Enhancement

Control Statement

The control requirements

Require that the integrity of the following user-installed software be verified prior to execution: {{ insert: param, si-07.12_odp }}.

Supplemental Guidance

Organizations verify the integrity of user-installed software prior to execution to reduce the likelihood of executing malicious code or programs that contains errors from unauthorized modifications. Organizations consider the source of the software, ensuring the software and updates come from authorized sources and/or sites, and the practicality of approaches to verifying software integrity, including the availability of trustworthy checksums from software developers and vendors.

Related NIST Controls

Other NIST 800-53 controls related to this one

SI-02

CM-11

References

Chandramouli R, Rose SW (2013) Secure Domain Name System (DNS) Deployment Guide. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-81-2.