FIPS 199 High Impact (for ICS) |
| Findings
Color Code |
| Satisfied |
| Other Than Satisfied - not assessed |
| Other Than Satisfied - failed
|
|
|
NIST SP 800-53A CM-03(ICS-01) .01
|
Question: Do the configuration management policy and the procedures addressing ICS configuration change control and the ICS architecture and configuration documentation specify that the organization test, validate, and document changes (e.g., patches and updates) before implementing the changes on the operational ICS ? |
|
Answered by: BOSTON::HARRISON
As part of Manual Examination group: POLICY_CM
|
Answer: YES
|
|
|
This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
|