Mechanisms exist to utilize only Commercial Off-the-Shelf (COTS) security products.
Control Question
Assessment question for control validation
Does the organization utilize only Commercial Off-the-Shelf (COTS) security products?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
ESP Level 2: TDA-03
ESP Level 3: TDA-03