SI-06 Security Functionality Verification
Control: The information system verifies the correct operation of security functions [Selection (one or more): upon system startup and restart, upon command by user with appropriate privilege, periodically every [Assignment: organization-defined time-period]] and [Selection (one or more): notifies system administrator, shuts the system down, restarts the system] when anomalies are discovered.
Supplemental Guidance: The need to verify security functionality applies to all security functions. For those security functions that are not able to execute automated self-tests, the organization either implements compensating security controls or explicitly accepts the risk of not performing the verification as required.
Control Enhancements:
(1) The organization employs automated mechanisms to provide notification of failed automated security tests.
(2) The organization employs automated mechanisms to support management of distributed security testing.
Baseline: LOW: Not Selected; MOD: Not Selected; HIGH: SI-6
Family: System And Information Integrity
Class: Operational
ISO 17799 mapping: None.
COBIT 4.1 mapping: None.
PCI-DSS v2 mapping: None.