UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO will ensure the application is decommissioned when maintenance or support is no longer available.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16837 APP6060 SV-17837r1_rule DCSD-1 ECSC-1 High
Description
When maintenance no longer exists for an application, there are no individuals responsible for providing security updates. The application is no longer supported, and should be decommissioned.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-17843r1_chk )
Interview the application representative and determine if all the application components are under maintenance. The entire application may be covered by a single maintenance agreement. The application should be decommissioned if maintenance or security support is no longer being provided by the vendor or by the development staff of a custom developed application.

1) If the application or any of the application components are not being maintained, it is a finding.

Fix Text (F-17157r1_fix)
Ensure there is maintenance for the application.