NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-7(1) Integrity Checks

Perform an integrity check of {{ insert: param, si-7.1_prm_1 }} {{ insert: param, si-7.1_prm_2 }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Security-relevant events include the identification of new threats to which organizational systems are susceptible and the installation of new hardware, software, or firmware. Transitional states include system startup, restart, shutdown, and abort.

Practitioner Notes

Perform integrity checks at specific points — startup, defined intervals, or when specific events occur — to detect unauthorized changes promptly.

Example 1: Configure your FIM tool to check critical file integrity every hour. Critical files include: boot files, OS kernel, security tool executables, and configuration files (web.config, httpd.conf, registry hives). Changes outside maintenance windows trigger immediate alerts.
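The check in Example 1, as an added sketch that is not part of the NIST text or any FIM product: hash monitored files against a trusted baseline and raise an alert when a change falls outside the maintenance window. The 01:00-03:00 window, the function names and the temporary httpd.conf are assumptions; the hourly run would come from a scheduler such as cron.

```python
import hashlib
import tempfile
from datetime import datetime, time
from pathlib import Path

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_baseline(paths):
    # Record the trusted SHA-256 of every monitored file (taken from a known-good state).
    return {str(p): sha256_file(p) for p in paths}

def in_window(now, start, end):
    """True if `now` is inside the maintenance window; the window may span midnight."""
    t = now.time()
    return start <= t < end if start <= end else (t >= start or t < end)

def check_integrity(baseline, now, window):
    """Return (path, status, severity) for each file that no longer matches the baseline."""
    findings = []
    for path, expected in baseline.items():
        try:
            current = sha256_file(path)
        except FileNotFoundError:
            current = None  # a deleted critical file is also an integrity failure
        if current == expected:
            continue
        status = "missing" if current is None else "modified"
        severity = "review" if in_window(now, *window) else "alert"
        findings.append((path, status, severity))
    return findings

def demo():
    # Constructed sample: a temporary file stands in for httpd.conf.
    with tempfile.TemporaryDirectory() as d:
        conf = Path(d) / "httpd.conf"
        conf.write_text("Listen 443\n")
        baseline = build_baseline([conf])
        window = (time(1, 0), time(3, 0))  # assumed maintenance window 01:00-03:00
        noon, two_am = datetime(2024, 1, 1, 12), datetime(2024, 1, 1, 2)
        clean = check_integrity(baseline, noon, window)
        conf.write_text("Listen 443\nListen 8080\n")  # simulated unauthorized change
        return clean, check_integrity(baseline, noon, window), check_integrity(baseline, two_am, window)
```

Keep the baseline somewhere the monitored host cannot write to; otherwise whoever alters a file can update its recorded hash as well.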

Example 2: Use UEFI Secure Boot to verify firmware and bootloader integrity at every system startup. If the boot chain has been modified (by a bootkit or rootkit), the system refuses to boot and alerts the administrator.