NIST 800-53 REV 5 • MAINTENANCE

MA-2(2)Automated Maintenance Activities

Schedule, conduct, and document maintenance, repair, and replacement actions for the system using {{ insert: param, ma-2.2_prm_1 }} ; and Produce up-to date, accurate, and complete records of all maintenance, repair, and replacement actions requested, scheduled, in process, and completed.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

The use of automated mechanisms to manage and control system maintenance programs and activities helps to ensure the generation of timely, accurate, complete, and consistent maintenance records.

Practitioner Notes

This enhancement calls for automated tools to schedule, perform, and document maintenance activities. Automation reduces human error and ensures nothing falls through the cracks.

Example 1: Use Microsoft Endpoint Configuration Manager (MECM) to automate patch deployment on a schedule: test patches in a pilot group first, then deploy to production after a defined soak period. MECM automatically logs what was deployed, to which machines, and whether it succeeded or failed.

Example 2: Use Ansible, Puppet, or Chef to automate system configuration maintenance. Write playbooks that check for and apply required configurations (NTP settings, security baselines, log rotation). Schedule these to run weekly and output reports to a central log for review.

More Maintenance Controls

MA-1 Policy and Procedures MA-2 Controlled Maintenance MA-2(1) Record Content MA-3 Maintenance Tools