
MA-4(3) Comparable Security And Sanitization

Control Description

Should suppliers, developers, system integrators, external system service providers, or other ICT/OT-related service providers perform any nonlocal maintenance or diagnostic services on systems or system components, the enterprise should ensure that:

• Appropriate measures are taken to verify that the nonlocal environment meets appropriate security levels for maintenance and diagnostics per agreements between the enterprise and vendor;
• Appropriate levels of sanitizing are completed to remove any enterprise-specific data residing in components; and
• Appropriate diagnostics are completed to ensure that components are sanitized, preventing malicious insertion prior to returning to the enterprise system or supply chain network.

The enterprise should require its prime contractors to implement this control and flow down this requirement to relevant sub-tier contractors.
