SI-5 Security Alerts, Advisories, and Directives

IL4 Mod
IL4 High
IL5
IL6

>Control Description

a. Receive system security alerts, advisories, and directives from organization-defined external organizations on an ongoing basis;

b. Generate internal security alerts, advisories, and directives as deemed necessary;

c. Disseminate security alerts, advisories, and directives to: [Selection (one or more): organization-defined personnel or roles; organization-defined elements within the organization; organization-defined external organizations]; and

d. Implement security directives in accordance with established time frames, or notify the issuing organization of the degree of noncompliance.

>DoD Impact Level Requirements

FedRAMP Parameter Values

SI-5 (a) [to include US-CERT and Cybersecurity and Infrastructure Security Agency (CISA) Directives]

SI-5 (c) [to include system security personnel and administrators with configuration/patch-management responsibilities]

Additional Requirements and Guidance

SI-5 Requirement: Service Providers must address the CISA Emergency and Binding Operational Directives applicable to their cloud service offering per FedRAMP guidance. This includes listing the applicable directives and stating compliance status.

>Discussion

The Cybersecurity and Infrastructure Security Agency (CISA) generates security alerts and advisories to maintain situational awareness throughout the Federal Government. Security directives are issued by OMB or other designated organizations with the responsibility and authority to issue such directives. Compliance with security directives is essential due to the critical nature of many of these directives and the potential (immediate) adverse effects on organizational operations and assets, individuals, other organizations, and the Nation should the directives not be implemented in a timely manner.

External organizations include supply chain partners, external mission or business partners, external service providers, and other peer or supporting organizations.

>Programmatic Queries

Related Services

AWS Health
Security Hub
Trusted Advisor

CLI Commands

List AWS Health events in the issue and scheduledChange categories:
    aws health describe-events --filter 'eventTypeCategories=issue,scheduledChange'

List findings whose product name is Security Hub:
    aws securityhub get-findings --filters '{"ProductName":[{"Value":"Security Hub","Comparison":"EQUALS"}]}'

Get the result of a Trusted Advisor security check (SECURITY_CHECK_ID is a placeholder):
    aws support describe-trusted-advisor-check-result --check-id SECURITY_CHECK_ID

List the entities affected by a given AWS Health event (EVENT_ARN is a placeholder):
    aws health describe-affected-entities --filter 'eventArns=EVENT_ARN'
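
The following is an added example, not part of the original page: it triages saved JSON output of the `aws health describe-events` command above into a digest that can be sent to the SI-5 (c) recipients. The event records are constructed, and the function names `parse_time`, `triage` and `digest` are hypothetical; it assumes timestamps arrive either as ISO 8601 strings or as epoch seconds.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like `aws health describe-events` JSON output (not real events).
SAMPLE = json.loads("""{"events": [
 {"arn": "arn:aws:health:us-east-1::event/EC2/EXAMPLE-1", "service": "EC2",
  "eventTypeCode": "AWS_EC2_INSTANCE_RETIREMENT_SCHEDULED", "eventTypeCategory": "scheduledChange",
  "region": "us-east-1", "startTime": "2024-05-10T00:00:00+00:00", "statusCode": "upcoming"},
 {"arn": "arn:aws:health:us-east-1::event/EC2/EXAMPLE-2", "service": "EC2",
  "eventTypeCode": "AWS_EC2_OPERATIONAL_ISSUE", "eventTypeCategory": "issue",
  "region": "us-east-1", "startTime": "2024-05-01T10:00:00Z", "statusCode": "open"},
 {"arn": "arn:aws:health:us-east-1::event/RDS/EXAMPLE-3", "service": "RDS",
  "eventTypeCode": "AWS_RDS_OPERATIONAL_ISSUE", "eventTypeCategory": "issue",
  "region": "us-east-1", "startTime": 1714521600, "statusCode": "open"},
 {"arn": "arn:aws:health:us-east-1::event/S3/EXAMPLE-4", "service": "S3",
  "eventTypeCode": "AWS_S3_OPERATIONAL_ISSUE", "eventTypeCategory": "issue",
  "region": "us-east-1", "startTime": "2024-04-20T00:00:00+00:00", "statusCode": "closed"}]}""")

def parse_time(value):
    """Normalise a startTime to aware UTC; accepts ISO 8601 text or epoch seconds (assumption)."""
    if isinstance(value, (int, float)):
        return datetime.fromtimestamp(value, tz=timezone.utc)
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if dt.tzinfo is None:  # treat a naive timestamp as UTC
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)

def triage(doc, now):
    """Return open/upcoming events, issues before scheduled changes, oldest first."""
    rank = {"issue": 0, "scheduledChange": 1}
    rows = []
    for ev in doc.get("events", []):
        if ev.get("statusCode") not in ("open", "upcoming"):
            continue  # closed events need no further dissemination
        start = parse_time(ev["startTime"])
        rows.append({"arn": ev["arn"], "service": ev["service"],
                     "region": ev.get("region", "global"), "code": ev["eventTypeCode"],
                     "category": ev["eventTypeCategory"], "start": start,
                     # negative age means the event starts in the future
                     "age_hours": round((now - start).total_seconds() / 3600, 1)})
    rows.sort(key=lambda r: (rank.get(r["category"], 2), r["start"]))
    return rows

def digest(rows):
    """One line per actionable event, ready to paste into an internal advisory."""
    return [f'[{r["category"]}] {r["service"]}/{r["region"]} {r["code"]} '
            f'start={r["start"]:%Y-%m-%dT%H:%MZ} age_h={r["age_hours"]} arn={r["arn"]}'
            for r in rows]
```

To use it with live data, redirect the CLI output to a file and pass `json.load(open(path))` to `triage` together with `datetime.now(timezone.utc)`.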

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What policies and procedures govern security alerts, advisories, and directives?
  • Who is responsible for monitoring system and information integrity?
  • How frequently are integrity monitoring processes reviewed and updated?

Technical Implementation:

  • What technical controls detect and respond to issues raised in security alerts, advisories, and directives?
  • How are integrity violations identified and reported?
  • What automated tools support system and information integrity monitoring?

Evidence & Documentation:

  • Can you provide recent integrity monitoring reports or alerts?
  • What logs demonstrate that SI-5 is actively implemented?
  • Where is evidence of integrity monitoring maintained and for how long?
