SA-19: Component Authenticity
Generated
2019-04-12 13:01:48.067729
Status
Skipped
Statements
The organization:
| Code | Description |
|---|---|
| SA-19a. | Develops and implements anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the information system; and |
| SA-19b. | Reports counterfeit information system components to [Selection (one or more): source of counterfeit component; [Assignment: organization-defined external reporting organizations]; [Assignment: organization-defined personnel or roles]]. |
Additional Guidance
Sources of counterfeit components include, for example, manufacturers, developers, vendors, and contractors. Anti-counterfeiting policy and procedures support tamper resistance and provide a level of protection against the introduction of malicious code. External reporting organizations include, for example, US-CERT.