>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

MA.L2-3.7.3Equipment Sanitization

Level 2
800-171: 3.7.3

>Control Description

Ensure equipment removed for off-site maintenance is sanitized of any CUI.

>Cross-Framework Mappings

NIST SP 800-171

3.7.3
Compare

SCF

DCH-09
Compare

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What is your policy for equipment removal and off-site maintenance?
  • What is your process for sanitizing equipment before off-site maintenance?
  • Who approves equipment removal for off-site maintenance?
  • How do you verify that sanitization was effective before equipment leaves the facility?
  • What is your procedure if equipment cannot be sanitized?

Technical Implementation:

  • What sanitization tools and methods are used (disk wiping, degaussing)?
  • How do you verify sanitization was effective?
  • What tools perform data sanitization?
  • What verification methods confirm data removal?
  • What logging documents sanitization activities?

Evidence & Documentation:

  • What maintenance procedures and schedules can you provide?
  • What maintenance records and work orders demonstrate maintenance activities?
  • What sanitization certificates show equipment was sanitized before off-site maintenance?
  • What remote maintenance session logs can you show?
  • What tool inventory lists approved maintenance tools?
  • What evidence shows maintenance personnel are properly supervised or vetted?

Ask AI

Configure your API key to use AI features.