PR.PS-03—Hardware is maintained, replaced, and removed commensurate with risk
>Control Description
This platform security subcategory ensures that hardware is maintained, replaced, and removed commensurate with risk. Key activities include: Replace hardware when it lacks needed security capabilities or when it cannot support software with needed security capabilities; Define and implement plans for hardware end-of-life maintenance support and obsolescence; Perform hardware disposal in a secure, responsible, and auditable manner.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CCC-04
DCS-01
DSP-02
TVM-03
TVM-08
CIS Controls v8.0
1.2
CIS Controls v8.1
1.2
CRI Profile v2.0
PR.PS-03
PR.PS-03.01
CSF v1.1
PR.MA-1
PR.DS-3
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.9
NICE Framework
DD-WRL-001
DD-WRL-002
IO-WRL-005
IO-WRL-007
OG-WRL-013
PD-WRL-004
PCI DSS
12.3.4
9.4.7
9.5.1.1
SCF
MNT-01
MNT-02
MNT-03
MNT-03.1
PRM-07
SEA-07.1
TDA-17
SP 800-218
PO.5.2
SP 800-53 Rev 5.1.1
CM-07(09)
SA-10(03)
SC-03(01)
SC-39(01)
SC-49
SC-51
SP 800-53 Rev 5.2.0
CM-07(09)
SA-10(03)
SC-03(01)
SC-39(01)
SC-49
SC-51
Ask AI
Configure your API key to use AI features.