MA-4(5)—Approvals And Notifications
>Control Description
a. Require the approval of each nonlocal maintenance session by [Assignment: organization-defined personnel or roles]; and b. Notify the following personnel or roles of the date and time of planned nonlocal maintenance: [Assignment: organization-defined personnel or roles].
>Supplemental Guidance
Notification may be performed by maintenance personnel. Approval of nonlocal maintenance is accomplished by personnel with sufficient information security and system knowledge to determine the appropriateness of the proposed maintenance.