NIST CSF: PR.MA-1 Subcategory
From NIST's Cyber Security Framework (version 1):
Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
CSF Mapped to SP800-53 Controls
Generated from NIST's SP800-53/CSF Crosswalk mappings.
Related ISO 27001 Controls
Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Removal of assets (11.2.5)
ISO 27001:2013 -
Physical entry controls (11.1.2)
ISO 27001:2013 -
Equipment maintenance (11.2.4)
ISO 27001:2013 -
Security of equipment and assets off-premises (11.2.6)
ISO 27001:2013
Related ISA/IEC 62443 Controls
Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Maintain equipment assets (4.3.3.3.7)
ISA/IEC 62443-2-1:2009
CSF Mapped to the NCSC CAF
Cyber Assessment Framework mappings generated from UK Cabinet Office data.
| Control ID | Name | Description |
|---|---|---|
| B4.b | Secure Configuration | You securely configure the network and information systems that support the operation of essential functions. |
| B4.c | Secure Management | You manage your organisation's network and information systems that support the operation of essential functions to enable and maintain security. |
| A3.a | Asset Management | Everything required to deliver, maintain or support networks and information systems necessary for the operation of essential functions is determined and understood. This includes data, people and systems, as well as any supporting infrastructure (such as power or cooling). |