Difference between revisions of "Template:LIMSpec/Cybersecurity"
From LIMSWiki
Jump to navigationJump to searchShawndouglas (talk | contribs) (Updated for 2022.) |
Shawndouglas (talk | contribs) m (NIST tweak) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 19: | Line 19: | ||
[https://clsi.org/standards/products/quality-management-systems/documents/qms22/ CLSI QMS22 2.2.3.2]<br /> | [https://clsi.org/standards/products/quality-management-systems/documents/qms22/ CLSI QMS22 2.2.3.2]<br /> | ||
[https://www.ema.europa.eu/en/human-regulatory/research-development/compliance/good-manufacturing-practice/guidance-good-manufacturing-practice-good-distribution-practice-questions-answers EMA Guidance on Good Manufacturing Practice and Good Distribution Practice]<br /> | [https://www.ema.europa.eu/en/human-regulatory/research-development/compliance/good-manufacturing-practice/guidance-good-manufacturing-practice-good-distribution-practice-questions-answers EMA Guidance on Good Manufacturing Practice and Good Distribution Practice]<br /> | ||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, AC-17(2)] | [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, AC-17(2)]<br /> | ||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, MA-4(6)]<br /> | |||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, SC-8 and SC-8(1)] | |||
| style="background-color:white;" |'''35.1''' The system should use secure communication protocols like SSL/TLS over Secure Hypertext Transfer Protocol with 256 bit encryption. | | style="background-color:white;" |'''35.1''' The system should use secure communication protocols like SSL/TLS over Secure Hypertext Transfer Protocol with 256 bit encryption. | ||
|- | |- | ||
| Line 31: | Line 33: | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6]<br /> | ||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, CP-9(8)]<br /> | |||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, SC-13 and SC-28(1)] | [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, SC-13 and SC-28(1)] | ||
| style="background-color:white;" |'''35.2''' The system should support database encryption and be capable of recording the encryption status of the data contained within. | | style="background-color:white;" |'''35.2''' The system should support database encryption and be capable of recording the encryption status of the data contained within. | ||
|- | |- | ||
| style="padding:5px; width:500px;" |[https://www.law.cornell.edu/cfr/text/42/493.1231 42 CFR Part 493.1231]<br /> | | style="padding:5px; width:500px;" |[https://www.law.cornell.edu/cfr/text/42/493.1231 42 CFR Part 493.1231]<br />[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.6.2.2.1]<br />[https://clsi.org/standards/products/quality-management-systems/documents/qms22/ CLSI QMS22 2.4.2.2]<br />[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, AC-3]<br />[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, IA-2, IA-2(1–4), and IA-8]<br />[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, MA-4] | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.6.2.2.1]<br /> | |||
[https://clsi.org/standards/products/quality-management-systems/documents/qms22/ CLSI QMS22 2.4.2.2]<br /> | |||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, AC-3]<br /> | |||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, IA-2, IA-2(1–4), and IA-8]<br /> | |||
[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST 800-53, Rev. 5, MA-4] | |||
| style="background-color:white;" |'''35.3''' The system should be able to support multifactor authentication. | | style="background-color:white;" |'''35.3''' The system should be able to support multifactor authentication. | ||
|- | |- | ||
Latest revision as of 22:07, 14 March 2023
| ||||||||||||||||
