>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CFM-09Time Clock Synchronization

>Control Description

Systems are configured to synchronize information system time clocks based on International Atomic Time or Coordinated Universal Time (UTC).

Theme

Technology

Type

Preventive

Policy/Standard

Infrastructure Management Policy

>Implementation Guidance

1. Ensure that the inventory includes all the ICT devices such as firewalls, routers and servers. 2. Ensure that a process has been established to use only hardened images for the servers. 3. Ensure that the NTP configuration (primary & secondary NTP servers) for these devices is configured. 4. Ensure that the time sync is enabled and stratums are defined.

>Testing Procedure

1. Obtain a list of in-scope ICT devices such as firewalls, routers and servers. 2. For servers, validate that security hardened images are used. 3. Obtain the NTP configuration for a sample of devices and check whether primary and secondary NTP servers are configured. 4. Validate whether time sync is enabled and stratums are defined and the time servers are working.

>Audit Artifacts

E-CFM-02
E-CFM-14
E-CFM-13
E-CFM-15

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

CIS Controls
1

8.4

ISO 27002:2022
1

8.17

FedRAMP Rev 5
1

AC-21

PCI DSS
4

10.6
10.6.1
10.6.2
10.6.3

Ask AI

Configure your API key to use AI features.