SI-2(5)

  • Requirement

    Install [Assignment: organization-defined security-relevant software and firmware updates] automatically to [Assignment: organization-defined system components].

  • Discussion

    Due to system integrity and availability concerns, organizations consider the methodology used to carry out automatic updates. Organizations balance the need to ensure that the updates are installed as soon as possible with the need to maintain configuration management and control with any mission or operational impacts that automatic updates might impose.

More Info

  • Title

    Flaw Remediation | Automatic Software and Firmware Updates
  • Family

    System and Information Integrity
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!