Description
Analyze [Assignment: organization-defined systems or system components] supporting the organization's missions and business functions to determine if such systems or system components are suitable for reuse.
Supplemental Guidance
This is a systems engineering process that ensures the effective and efficient use of organizational systems and reduces the risk of inheriting vulnerabilities or other weaknesses from systems or components that have been repurposed without proper review. Considerations include the original purpose of the system or component, the security and privacy implications of reuse, the age and condition of the system or component, and the availability of documentation.
Changes from Rev 4
New control in Rev 5. System reuse analysis.
Compliance Mappings
ISO 27001:2022
4.1A.7.14
RBI CSF
Annex1.11
SAMA CSF
1.8
Qatar NIA
GV
CBUAE
CR-12
CBE CSF
OVM-1
SA JS2
JS2-8.7
CBN CSF
Part2.4Part5.1
BoG CISD
CISD-XVI
SEBI CSCRF
CLASSIFYGV.OC
BOT Cyber Resilience
Ch1.2
Lloyd's Minimum Standards
MS10.1