SI-4
System Monitoring
System and Information Integrity
The organization monitors the information system to detect attacks and indicators of potential attacks in accordance with monitoring objectives.
High PriorityAI-Relevant Control
Purpose
Detect and respond to security incidents and potential threats in a timely manner.
AI Relevance
Essential for monitoring AI system behavior, detecting model drift, identifying adversarial attacks, and ensuring AI system integrity.
Implementation Guidance
Deploy security information and event management (SIEM) systems, intrusion detection/prevention systems, and continuous monitoring tools with automated alerting.
Assessment
Test monitoring capabilities, verify alert accuracy, review incident response procedures, and validate monitoring coverage.
Requirements
- 1Monitor the information system to detect attacks
- 2Monitor the information system to detect indicators of potential attacks
- 3Monitor the information system to detect unauthorized local, network, and remote connections
- 4Monitor the information system to detect unauthorized use of the information system
- 5Monitor the information system to detect unauthorized changes to the information system
- 6Monitor the information system to detect unauthorized changes to the information
- 7Monitor the information system to detect unauthorized changes to the system configuration
- 8Monitor the information system to detect unauthorized changes to the system software
- 9Monitor the information system to detect unauthorized changes to the system firmware
- 10Monitor the information system to detect unauthorized changes to the system hardware
Related Controls
Framework Context
NIST 800-53 Rev 5
Security and Privacy Controls for Federal Information Systems
Official Documentation →