CM-7(7)
-
Requirement
Allow execution of binary or machine-executable code only in confined physical or virtual machine environments and with the explicit approval of [Assignment: organization-defined personnel or roles] when such code is:
- Obtained from sources with limited or no warranty; and/or
- Without the provision of source code.
-
Discussion
Code execution in protected environments applies to all sources of binary or machine-executable code, including commercial software and firmware and open-source software.
NIST 800-53A Assessment Guidance
CMMC Training
Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!