>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SI-4(22)Information System Monitoring

Operational

>Control Description

INFORMATION SYSTEM MONITORING | UNAUTHORIZED NETWORK SERVICES The information system detects network services that have not been authorized or approved by organization-defined authorization or approval processes and [Selection (one or more): audits; alerts organization-defined personnel or roles].

>Supplemental Guidance

Unauthorized or unapproved network services include, for example, services in service-oriented architectures that lack organizational verification or validation and therefore may be unreliable or serve as malicious rogues for valid services. Related controls: AC-6, CM-7, SA-5, SA-9.

Ask AI

Configure your API key to use AI features.