SC-36(1)

Requirement
1. Employ polling techniques to identify potential faults, errors, or compromises to the following processing and storage components: [Assignment: organization-defined distributed processing and storage components]; and
2. Take the following actions in response to identified faults, errors, or compromises: [Assignment: organization-defined actions].

Discussion

Distributed processing and/or storage may be used to reduce opportunities for adversaries to compromise the confidentiality, integrity, or availability of organizational information and systems. However, the distribution of processing and storage components does not prevent adversaries from compromising one or more of the components. Polling compares the processing results and/or storage content from the distributed components and subsequently votes on the outcomes. Polling identifies potential faults, compromises, or errors in the distributed processing and storage components.

NIST 800-53A Assessment Guidance

Examine

[SELECT FROM: System and communications protection policy; system design documentation; system configuration settings and associated documentation; system architecture; list of distributed processing and storage components subject to polling; system polling techniques and associated documentation or records; system audit records; system security plan; other relevant documents or records].

Interview

[SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; organizational personnel installing, configuring, and/or maintaining the system; system developers/integrators].

Test

[SELECT FROM: Mechanisms supporting and/or implementing polling techniques].

ID	Assessment Objectives
SC-36(01)(a)	polling techniques are employed to identify potential faults, errors, or compromises to <SC-36(01)_ODP[01] distributed processing and storage components>;
SC-36(01)(b)	<SC-36(01)_ODP[02] actions> are taken in response to identified faults, errors, or compromise.

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!