MA-4.3: Comparable Security and Sanitization

Maintenance policy

procedures addressing nonlocal system maintenance

service provider contracts and/or service-level agreements

maintenance records

inspection records

audit records

equipment sanitization records

media sanitization records

system security plan

other relevant documents or records

Organizational personnel with system maintenance responsibilities

system maintenance provider

organizational personnel with information security responsibilities

organizational personnel responsible for media sanitization

system/network administrators

Organizational processes for comparable security and sanitization for nonlocal maintenance

organizational processes for the removal, sanitization, and inspection of components serviced via nonlocal maintenance

mechanisms supporting and/or implementing component sanitization and inspection