3.14.5—System and Information Integrity - Derived
Derived Requirement
>Control Description
Perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executed.
>Discussion
Periodic scans of organizational systems and real-time scans of files from external sources can detect malicious code. Malicious code can be encoded in various formats (e.g., UUENCODE, Unicode), contained within compressed or hidden files, or hidden in files using techniques such as steganography. Malicious code can be inserted into systems in a variety of ways including web accesses, electronic mail, electronic mail attachments, and portable storage devices.
Malicious code insertions occur through the exploitation of system vulnerabilities.
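The discussion above names what a scanner has to see through: encodings such as UUENCODE, compressed or nested files, and malicious content arriving by mail or download. The Python script below is an added example, not part of NIST SP 800-171 or of this page, showing the core of such a scan: hash and byte-signature checks applied to a file and, recursively, to whatever it finds inside zip archives and uuencoded blocks, with a nesting limit and a per-member size cap so a crafted archive cannot exhaust the scanner. The EICAR string is the industry-standard harmless anti-virus test pattern; the signature table, the known-bad hash list, the limits (`MAX_DEPTH`, `MAX_MEMBER_BYTES`) and the sample inputs are constructed assumptions for illustration. Steganographic hiding, which the discussion also mentions, is outside what this example handles.

```python
"""Added illustration of 3.14.5-style scanning (constructed example, not a
production AV engine): hash and signature checks that also look inside
compressed containers and uuencoded text, with nesting and size limits."""
import binascii
import hashlib
import io
import os
import zipfile

MAX_DEPTH = 3                          # assumption: how deep nested containers are unpacked
MAX_MEMBER_BYTES = 10 * 1024 * 1024    # assumption: per-member cap against decompression bombs

# EICAR standard anti-virus test string: harmless, recognised by scanners industry-wide
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Constructed detection data: one byte signature and one known-bad SHA-256
SIGNATURES = {"EICAR-Test-File": EICAR}
KNOWN_BAD_SHA256 = {hashlib.sha256(EICAR).hexdigest(): "EICAR-Test-File"}


def try_uudecode(data: bytes):
    """Return the decoded payload if data is a complete uuencoded block, else None."""
    lines = data.splitlines()
    if not lines or not lines[0].startswith(b"begin "):
        return None
    out = bytearray()
    for line in lines[1:]:
        if line.strip() == b"end":
            return bytes(out)
        if not line:
            continue
        try:
            out += binascii.a2b_uu(line)
        except binascii.Error:
            return None          # not valid uuencoded text after all
    return None                  # no 'end' marker: incomplete block, treat as opaque


def scan_bytes(data: bytes, name: str, depth: int = 0) -> list:
    """Return (path, verdict) findings for this blob and for anything nested inside it."""
    findings = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in KNOWN_BAD_SHA256:
        findings.append((name, "hash:" + KNOWN_BAD_SHA256[digest]))
    for sig_name, pattern in SIGNATURES.items():
        if pattern in data:
            findings.append((name, "sig:" + sig_name))
    if depth >= MAX_DEPTH:       # refuse to unpack further; record it so it is not silent
        findings.append((name, "skipped:max-depth"))
        return findings
    # Compressed container: scan each member, skipping oversized ones
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                member_name = f"{name}!{info.filename}"
                if info.file_size > MAX_MEMBER_BYTES:
                    findings.append((member_name, "skipped:oversize"))
                    continue
                findings += scan_bytes(zf.read(info), member_name, depth + 1)
    # Encoded text: decode and scan the payload
    decoded = try_uudecode(data)
    if decoded is not None:
        findings += scan_bytes(decoded, name + "!uudecoded", depth + 1)
    return findings


def scan_tree(root: str) -> list:
    """Periodic scan: walk a directory tree and scan every regular file."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            path = os.path.join(dirpath, fn)
            with open(path, "rb") as fh:
                findings += scan_bytes(fh.read(), path)
    return findings


# ---- constructed sample inputs (helpers exist only to build test data) ----
def uuencode(data: bytes, name: str = "payload") -> bytes:
    lines = [f"begin 644 {name}\n".encode()]
    for i in range(0, len(data), 45):          # b2a_uu accepts at most 45 bytes per line
        lines.append(binascii.b2a_uu(data[i:i + 45]))
    lines.append(b"`\nend\n")
    return b"".join(lines)


def nest_in_zip(data: bytes, filename: str, times: int) -> bytes:
    for level in range(times):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(filename if level == 0 else f"level{level}.zip", data)
        data = buf.getvalue()
    return data


def build_samples() -> dict:
    """Benign text, the bare test string, and the test string uuencoded inside a zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "quarterly report")
        zf.writestr("attachment.uu", uuencode(EICAR))
    return {"benign.txt": b"nothing to see here",
            "eicar.com": EICAR,
            "mail-attachment.zip": buf.getvalue()}


if __name__ == "__main__":
    for fname, blob in build_samples().items():
        print(fname, scan_bytes(blob, fname))
```

The same `scan_bytes` routine serves both halves of the control: `scan_tree` is the periodic sweep, and a real-time scan is the same check invoked at the moment a mail gateway, download handler or on-access hook hands over a file. The two limits are the security-relevant design choice: without a depth cap a nested archive recurses indefinitely, and without a size cap a small archive can expand into gigabytes; both cases are recorded as findings rather than silently skipped so they can be reviewed.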
>Cross-Framework Mappings
>Assessment Interview Topics
Questions assessors commonly ask
Process & Governance:
- What policies prevent reuse of identifiers for a defined period?
- What procedures govern identifier lifecycle and retirement?
- Who manages identifier assignment and retirement?
- What timeframe prevents identifier reuse?
- What governance ensures identifiers are not prematurely reused?
Technical Implementation:
- What technical controls prevent identifier reuse?
- How do you track retired identifiers and enforce non-reuse?
- What identity management systems manage identifier lifecycle?
- How do you implement waiting periods before identifier reuse?
- What auditing tracks identifier assignments and retirements?
Evidence & Documentation:
- Can you provide identifier management procedures?
- What evidence shows identifiers are not reused prematurely?
- Can you demonstrate identifier retirement tracking?
- What audit logs track identifier lifecycle events?
- What findings verify identifier reuse prevention compliance?