>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SI-4 (22)System Monitoring | Unauthorized Network Services

High

>Control Description

(a) Detect network services that have not been authorized or approved by organization-defined authorization or approval processes; and (b) [Selection (one or more): Audit; Alert organization-defined personnel or roles] when detected.

>FedRAMP Baseline Requirements

No FedRAMP-specific parameter values or requirements for this baseline.

>Discussion

Unauthorized or unapproved network services include services in service-oriented architectures that lack organizational verification or validation and may therefore be unreliable or serve as malicious rogues for valid services.

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern unauthorized network services?
  • Who is responsible for monitoring system and information integrity?
  • How frequently are integrity monitoring processes reviewed and updated?

Technical Implementation:

  • What technical controls detect and respond to unauthorized network services issues?
  • How are integrity violations identified and reported?
  • What automated tools support system and information integrity monitoring?
  • What anti-malware solutions are deployed and how are they configured?

Evidence & Documentation:

  • Can you provide recent integrity monitoring reports or alerts?
  • What logs demonstrate that SI-4(22) is actively implemented?
  • Where is evidence of integrity monitoring maintained and for how long?
  • Can you show recent malware detection reports and response actions?

Ask AI

Configure your API key to use AI features.