Invasive Testing CM_05_1_I_II

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
Return to Main Page
Invasive Testing CM_05_1_I_II_24

FIPS 199 High Impact (for ICS)

Findings Color Code
Satisfied
Other Than Satisfied - not assessed
Other Than Satisfied - failed

NIST SP 800-53A CM-05 .01(i)

Question: Does testing the change control process and associated restrictions for changes to the information system show that errors encountered are logged and fed back to the implementation team for use in continuous improvement ?

Answered by: BOSTON::ADAMS

As part of Invasive Testing group: TEST_ADD_CONF

Answer: YES

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.