SA-18 - Tamper Resistance And Detection

Description	The organization implements a tamper protection program for the information system, system component, or information system service.
Guidance	Anti-tamper technologies and techniques provide a level of protection for critical information systems, system components, and information technology products against a number of related threats including modification, reverse engineering, and substitution. Strong identification combined with tamper resistance and/or tamper detection is essential to protecting information systems, components, and products during distribution and when in use. Related controls: PE-3, SA-12, SI-7.
Confidentiality Impact Threshold	none
Integrity Impact Threshold	none
Availability Impact Threshold	none

CCI-003346

Description	The organization implements a tamper protection program for the information system, system component, or information system service.
Assessment Procedure	SA-18.1
Organization Guidance	The organization being inspected/assessed documents and implements a tamper protection program for the information system, system component, or information system service.
Auditor Guidance	The organization conducting the inspection/assessment obtains and examines the documented tamper protection program to ensure the organization being inspected/assessed implements a tamper protection program for the information system, system component, or information system service.