| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| FedRAMP_High_R4 |
MA-2(2) |
FedRAMP_High_R4_MA-2(2) |
FedRAMP High MA-2 (2) |
Maintenance |
Automated Maintenance Activities |
Shared |
n/a |
The organization:
(a) Employs automated mechanisms to schedule, conduct, and document maintenance and repairs; and
(b) Produces up-to date, accurate, and complete records of all maintenance and repair actions requested, scheduled, in process, and completed.
Supplemental Guidance: Related controls: CA-7, MA-3.
References: None. |
link |
2 |
| hipaa |
1803.08b1Organizational.5-08.b |
hipaa-1803.08b1Organizational.5-08.b |
1803.08b1Organizational.5-08.b |
18 Physical & Environmental Security |
1803.08b1Organizational.5-08.b 08.01 Secure Areas |
Shared |
n/a |
Repairs or modifications to the physical components of a facility which are related to security (e.g., hardware, walls, doors and locks) are documented and retained in accordance with the organization's retention policy. |
|
3 |
| hipaa |
1819.08j1Organizational.23-08.j |
hipaa-1819.08j1Organizational.23-08.j |
1819.08j1Organizational.23-08.j |
18 Physical & Environmental Security |
1819.08j1Organizational.23-08.j 08.02 Equipment Security |
Shared |
n/a |
Maintenance and service are controlled and conducted by authorized personnel in accordance with supplier-recommended intervals, insurance policies and the organization’s maintenance program, taking into account whether this maintenance is performed by personnel on site or external to the organization. |
|
7 |
| hipaa |
1821.08j2Organizational.3-08.j |
hipaa-1821.08j2Organizational.3-08.j |
1821.08j2Organizational.3-08.j |
18 Physical & Environmental Security |
1821.08j2Organizational.3-08.j 08.02 Equipment Security |
Shared |
n/a |
Following maintenance, security controls are checked and verified. |
|
4 |
| hipaa |
1822.08j2Organizational.2-08.j |
hipaa-1822.08j2Organizational.2-08.j |
1822.08j2Organizational.2-08.j |
18 Physical & Environmental Security |
1822.08j2Organizational.2-08.j 08.02 Equipment Security |
Shared |
n/a |
Records of maintenance are maintained. |
|
4 |
| ISO27001-2013 |
A.11.2.4 |
ISO27001-2013_A.11.2.4 |
ISO 27001:2013 A.11.2.4 |
Physical And Environmental Security |
Equipment maintenance |
Shared |
n/a |
Equipment shall be correctly maintained to ensure its continued availability and integrity. |
link |
9 |
| NIST_SP_800-53_R4 |
MA-2(2) |
NIST_SP_800-53_R4_MA-2(2) |
NIST SP 800-53 Rev. 4 MA-2 (2) |
Maintenance |
Automated Maintenance Activities |
Shared |
n/a |
The organization:
(a) Employs automated mechanisms to schedule, conduct, and document maintenance and repairs; and
(b) Produces up-to date, accurate, and complete records of all maintenance and repair actions requested, scheduled, in process, and completed.
Supplemental Guidance: Related controls: CA-7, MA-3.
References: None. |
link |
2 |
| NIST_SP_800-53_R5 |
MA-2(2) |
NIST_SP_800-53_R5_MA-2(2) |
NIST SP 800-53 Rev. 5 MA-2 (2) |
Maintenance |
Automated Maintenance Activities |
Shared |
n/a |
(a) Schedule, conduct, and document maintenance, repair, and replacement actions for the system using [Assignment: organization-defined automated mechanisms]; and
(b) Produce up-to date, accurate, and complete records of all maintenance, repair, and replacement actions requested, scheduled, in process, and completed. |
link |
2 |