• Requirement

    Employ [Assignment: organization-defined system components] with no writeable storage that is persistent across component restart or power on/off.

  • Discussion

    Disallowing writeable storage eliminates the possibility of malicious code insertion via persistent, writeable storage within the designated system components. The restriction applies to fixed and removable storage, with the latter being addressed either directly or as specific restrictions imposed through access controls for mobile devices.

More Info

  • Title

    Non-modifiable Executable Programs | No Writable Storage
  • Family

    System and Communications Protection
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID


    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!