Fedramp system Security Plan (ssp) High Baseline Template

CM-5 (2) What is the solution and how is it implemented?

Download 1.2 Mb. Page 164/478 Date 16.12.2020 Size 1.2 Mb. #54609

FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

Navigate this page:

• CM-5 (3) Additional FedRAMP Requirements and Guidance : Guidance
• CM-5 (3) Control Summary Information
• CM-5 (3) What is the solution and how is it implemented

CM-5 (2) What is the solution and how is it implemented?

CM-5 (3) Control Enhancement (M) (H)

The information system prevents the installation of [Assignment: organization-defined software and firmware components] without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.

CM-5 (3) Additional FedRAMP Requirements and Guidance:

Guidance: If digital signatures/certificates are unavailable, alternative cryptographic integrity checks (hashes, self-signed certs, etc.) can be used.

CM-5 (3)	Control Summary Information
Responsible Role:
Parameter CM-5 (3):
Implementation Status (check all that apply): ☐ Implemented ☐ Partially implemented ☐ Planned ☐ Alternative implementation ☐ Not applicable
Control Origination (check all that apply): ☐ Service Provider Corporate ☐ Service Provider System Specific ☐ Service Provider Hybrid (Corporate and System Specific) ☐ Configured by Customer (Customer System Specific) ☐ Provided by Customer (Customer System Specific) ☐ Shared (Service Provider and Customer Responsibility) ☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,

CM-5 (3) What is the solution and how is it implemented?

Download 1.2 Mb.

Share with your friends: