Fedramp system Security Plan (ssp) High Baseline Template


RA-5 (8) Control Enhancement (L) (M) (H)



Download 1.2 Mb.
Page354/478
Date16.12.2020
Size1.2 Mb.
#54609
1   ...   350   351   352   353   354   355   356   357   ...   478
FedRAMP-SSP-High-Baseline-Template
FedRAMP-SSP-High-Baseline-Template, North Carolina Summary Table of Ecoregion Characteristics

RA-5 (8) Control Enhancement (L) (M) (H)


The organization reviews historic audit logs to determine if a vulnerability identified in the information system has been previously exploited.

RA-5(8) Additional FedRAMP Requirements and Guidance:

Requirement: This enhancement is required for all high vulnerability scan findings.

Guidance: While scanning tools may label findings as high or critical, the intent of the control is based around NIST's definition of high vulnerability.

RA-5 (8)

Control Summary Information

Responsible Role:

Implementation Status (check all that apply):

Implemented

Partially implemented

☐ Planned

Alternative implementation

Not applicable



Control Origination (check all that apply):

Service Provider Corporate

☐ Service Provider System Specific

☐ Service Provider Hybrid (Corporate and System Specific)

☐ Configured by Customer (Customer System Specific)

☐ Provided by Customer (Customer System Specific)

☐ Shared (Service Provider and Customer Responsibility)

☐ Inherited from pre-existing FedRAMP Authorization for Click here to enter text. ,





RA-5 (8) What is the solution and how is it implemented?






Download 1.2 Mb.

Share with your friends:
1   ...   350   351   352   353   354   355   356   357   ...   478




The database is protected by copyright ©ininet.org 2024
send message

    Main page