SI-7(8)—Software, Firmware, and Information Integrity | Auditing Capability for Significant Events
IL5
IL6
>Control Description
Upon detection of a potential integrity violation, provide the capability to audit the event and initiate the following actions: [Selection (one or more): generate an audit record; alert current user; alert ⚙organization-defined personnel or roles; ⚙organization-defined other actions].
>DoD Impact Level Requirements
No specific parameter values or requirements for this impact level.
>Discussion
Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations.
>Related Controls
>Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- •What policies and procedures govern auditing capability for significant events?
- •Who is responsible for monitoring system and information integrity?
- •How frequently are integrity monitoring processes reviewed and updated?
Technical Implementation:
- •What technical controls detect and respond to auditing capability for significant events issues?
- •How are integrity violations identified and reported?
- •What automated tools support system and information integrity monitoring?
Evidence & Documentation:
- •Can you provide recent integrity monitoring reports or alerts?
- •What logs demonstrate that SI-7(8) is actively implemented?
- •Where is evidence of integrity monitoring maintained and for how long?
Ask AI
Configure your API key to use AI features.