Ansible Tower - Maintenance

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
MA-1 System Maintenance Policy And Procedures

not applicable

MA-2 Controlled Maintenance

not applicable

MA-2 (1) Record Content
MA-2 (2) Automated Maintenance Activities
MA-3 Maintenance Tools
MA-3 (1) Inspect Tools
MA-3 (2) Inspect Media
MA-3 (3) Prevent Unauthorized Removal
MA-3 (4) Restricted Tool Use
MA-4 Nonlocal Maintenance

not applicable

MA-4 (1) Auditing And Review
MA-4 (2) Document Nonlocal Maintenance
MA-4 (3) Comparable Security / Sanitization
MA-4 (4) Authentication / Separation Of Maintenance Sessions
MA-4 (5) Approvals And Notifications
MA-4 (6) Cryptographic Protection
MA-4 (7) Remote Disconnect Verification
MA-5 Maintenance Personnel

not applicable

MA-5 (1) Individuals Without Appropriate Access
MA-5 (2) Security Clearances For Classified Systems
MA-5 (3) Citizenship Requirements For Classified Systems
MA-5 (4) Foreign Nationals
MA-5 (5) Nonsystem-Related Maintenance
MA-6 Timely Maintenance
MA-6 (1) Preventive Maintenance
MA-6 (2) Predictive Maintenance
MA-6 (3) Automated Support For Predictive Maintenance



MA-1: System Maintenance Policy And Procedures

The organization: a. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]: 1. A system maintenance policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and 2. Procedures to facilitate the implementation of the system maintenance policy and associated system maintenance controls; and b. Reviews and updates the current: 1. System maintenance policy [Assignment: organization-defined frequency]; and 2. System maintenance procedures [Assignment: organization-defined frequency].

MA-1 Control Response Information
Implementation Status:

not applicable

MA-1: What is the solution and how is it implemented?



MA-2: Controlled Maintenance

The organization: a. Schedules, performs, documents, and reviews records of maintenance and repairs on information system components in accordance with manufacturer or vendor specifications and/or organizational requirements; b. Approves and monitors all maintenance activities, whether performed on site or remotely and whether the equipment is serviced on site or removed to another location; c. Requires that [Assignment: organization-defined personnel or roles] explicitly approve the removal of the information system or system components from organizational facilities for off-site maintenance or repairs; d. Sanitizes equipment to remove all information from associated media prior to removal from organizational facilities for off-site maintenance or repairs; e. Checks all potentially impacted security controls to verify that the controls are still functioning properly following maintenance or repair actions; and f. Includes [Assignment: organization-defined maintenance-related information] in organizational maintenance records.

MA-2 Control Response Information
Implementation Status:

not applicable

MA-2: What is the solution and how is it implemented?



MA-2 (1): Record Content

“[Withdrawn: Incorporated into MA-2].”

MA-2 (1) Control Response Information
Implementation Status:
MA-2 (1): What is the solution and how is it implemented?
This control has not been evaluated in the context of Ansible Tower.



MA-2 (2): Automated Maintenance Activities

The organization: (2)(a). Employs automated mechanisms to schedule, conduct, and document maintenance and repairs; and (2)(b). Produces up-to date, accurate, and complete records of all maintenance and repair actions requested, scheduled, in process, and completed.

MA-2 (2) Control Response Information
Implementation Status:
MA-2 (2): What is the solution and how is it implemented?
This control has not been evaluated in the context of Ansible Tower.



MA-3: Maintenance Tools

“The organization approves, controls, and monitors information system maintenance tools.”

MA-3 Control Response Information
Implementation Status:
MA-3: What is the solution and how is it implemented?
This control has not been evaluated in the context of Ansible Tower.



MA-3 (1): Inspect Tools

“The organization inspects the maintenance tools carried into a facility by maintenance personnel for improper or unauthorized modifications.”

MA-3 (1) Control Response Information
Implementation Status:
MA-3 (1): What is the solution and how is it implemented?
This control has not been evaluated in the context of Ansible Tower.