|MA-3 (1) Inspect Tools ||MODERATE |
If, upon inspection of maintenance tools, organizations determine that the tools have been modified in an improper/unauthorized manner or contain malicious code, the incident is handled consistent with organizational policies and procedures for incident handling.
The organization inspects the maintenance tools carried into a facility by maintenance personnel for improper or unauthorized modifications.
|MA-3 (2) Inspect Media ||MODERATE |
If, upon inspection of media containing maintenance diagnostic and test programs, organizations determine that the media contain malicious code, the incident is handled consistent with organizational incident handling policies and procedures.
The organization checks media containing diagnostic and test programs for malicious code before the media are used in the information system.
|MA-3 (3) Prevent Unauthorized Removal ||HIGH |
Organizational information includes all information specifically owned by organizations and information provided to organizations in which organizations serve as information stewards.
The organization prevents the unauthorized removal of maintenance equipment containing organizational information by: MA-3 (3)(a)
Verifying that there is no organizational information contained on the equipment; MA-3 (3)(b)
Sanitizing or destroying the equipment; MA-3 (3)(c)
Retaining the equipment within the facility; or MA-3 (3)(d)
Obtaining an exemption from Assignment: organization-defined personnel or roles explicitly authorizing removal of the equipment from the facility.
|MA-3 (4) Restricted Tool Use || |
This control enhancement applies to information systems that are used to carry out maintenance functions.
The information system restricts the use of maintenance tools to authorized personnel only.