UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The macOS system must have the security assessment policy subsystem enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257220 APPL-13-002064 SV-257220r905293_rule High
Description
Any changes to the hardware, software, and/or firmware components of the information system and/or application can potentially have significant effects on the overall security of the system. Accordingly, software defined by the organization as critical must be signed with a certificate that is recognized and approved by the organization.
STIG Date
Apple macOS 13 (Ventura) Security Technical Implementation Guide 2024-02-06

Details

Check Text ( C-60905r905291_chk )
Verify the macOS system is configured with the security assessment policy subsystem enabled with the following command:

/usr/sbin/spctl --status

assessments enabled

If "assessments enabled" is not returned, this is a finding.
Fix Text (F-60846r905292_fix)
Configure the macOS system to enable the security assessment policy subsystem by installing the "Custom Policy" configuration profile.