SI-5: Security Alerts, Advisories, and Directives

system security alerts, advisories, and directives are received from external organizations on an ongoing basis;

internal security alerts, advisories, and directives are generated as deemed necessary;

security alerts, advisories, and directives are disseminated to si-05_odp.02 ;

security directives are implemented in accordance with established time frames or if the issuing organization is notified of the degree of noncompliance.

System and information integrity policy

system and information integrity procedures

procedures addressing security alerts, advisories, and directives

records of security alerts and advisories

system security plan

other relevant documents or records

Organizational personnel with security alert and advisory responsibilities

organizational personnel implementing, operating, maintaining, and using the system

organizational personnel, organizational elements, and/or external organizations to whom alerts, advisories, and directives are to be disseminated

system/network administrators

organizational personnel with information security responsibilities

Organizational processes for defining, receiving, generating, disseminating, and complying with security alerts, advisories, and directives

mechanisms supporting and/or implementing the definition, receipt, generation, and dissemination of security alerts, advisories, and directives

mechanisms supporting and/or implementing security directives