
ID.RA-09: The authenticity and integrity of hardware and software are assessed prior to acquisition and use

Control Description

This risk assessment subcategory ensures that the authenticity and integrity of hardware and software are assessed prior to acquisition and use. Key activities include assessing the authenticity and cybersecurity of critical technology products and services prior to acquisition and use.

Cross-Framework Mappings

Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CCMv4.0

TVM-09

CRI Profile v2.0

EX.DD-04
EX.DD-04.01
EX.DD-04.02

CSF v1.1

PR.DS-8

CoP

A5

ISO/IEC 27001:2022

Mandatory Clause: None
Annex A Controls: 5.19
Annex A Controls: 5.20
Annex A Controls: 5.22

NICE Framework

IO-WRL-006
OG-WRL-014
OG-WRL-015
PD-WRL-006
PD-WRL-007

PCI DSS

6.4.3
9.5.1.1

SCF

AST-15
TDA-01
TDA-14
TDA-14.1
TDA-14.2

SP 800-171 Rev 3

03.11.01
03.17.02

SP 800-218

PO.5.2

SP 800-221A

MA.RI-3

SP 800-53 Rev 5.1.1

SA-04
SA-05
SA-10
SA-11
SA-15
SA-17
SI-07
SR-05
+3 more

SP 800-53 Rev 5.2.0

SA-04
SA-05
SA-10
SA-11
SA-15
SA-17
SI-07
SR-05
+3 more

SP 800-37 Rev 2

RMF Prepare Step (System Level): TASK P-10 Asset Identification
RMF Assess Step: TASK A-3 Control Assessments
