>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SI-4System Monitoring

>Control Description

This control includes monitoring vulnerabilities that result from past supply chain cybersecurity compromises, such as malicious code implanted during software development and set to activate after deployment. System monitoring is frequently performed by external service providers. Service-level agreements with these providers should be structured to appropriately reflect this control. Enterprises should require their prime contractors to implement this control and flow down this requirement to relevant sub-tier contractors. Departments and agencies should refer to Appendix F to implement this guidance in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity.

>Cross-Framework Mappings

SCF

TDA-18
Compare
MON-02
Compare
NET-12
Compare
MON-01
Compare

Ask AI

Configure your API key to use AI features.