← Back to catalog
SA-10(6)
Trusted Distribution
System and Services Acquisition (SA)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Require the developer of the system, system component, or system service to execute procedures for ensuring that security-relevant hardware, software, and firmware updates distributed to the organization are exactly as specified by the master copies.
Discussion
The trusted distribution of security-relevant hardware, software, and firmware updates help to ensure that the updates are correct representations of the master copies maintained by the developer and have not been tampered with during distribution.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.