SC-03 Security Function Isolation
System and Communications Protection
Low Moderate High
Description
The information system isolates security functions from nonsecurity functions.
Supplemental Guidance
The information system isolates security functions from nonsecurity functions by means of partitions, domains, etc., including control of access to, and integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process.
MITRE ATT&CK Techniques (18)
ATT&CK v16.1. Techniques mitigated by this control, mapped via CTID.
Initial Access: 2; Execution: 5; Privilege Escalation: 3; Defense Evasion: 2; Credential Access: 2; Lateral Movement: 2; Collection: 3
Compliance Mappings
CSA CCM v4
IVS-06
CSA AICM v1
I&S-06
ANSSI
Hygiene.23, SecNumCloud.14.1
FINMA Circular 2023/1
IV.C(62), IV.C(63)
OSFI B-13
B-13.2.2, B-13.3.2
EU GDPR
Art.32(1)(a), Art.32(1)(b)
EU DORA
Art.9(4)(a)
RBI CSF
Annex1.6
FISC Security Guidelines
FISC.T14, FISC.T3
HKMA TM-E-1
TME1.7.3
EU CRA
CRA.I.2k
NCA ECC
2-3
CBB TM
TM-8
Qatar NIA
CS
BoG CISD
CISD-VI
IOSCO Cyber Resilience
PROT-2
BCBS 239
Principle 2
CPMI-IOSCO PFMI
CG.PR
FFIEC IS
II.C.15(a), II.C.2
NYDFS 500
500.8
HIPAA Security Rule
§164.308(a)(4)(ii)(A)
ECB CROE
CROE.2.3.5
BOT Cyber Resilience
Ch2.4
CMMC 2.0
SC
FIPS 140-3
FIPS 140-3 §7.3
Solvency II
EIOPA-ICT-4.6
Basel SCO60
SCO60.64
SEC Custody (Digital Assets)
SEC-CD-04
ISO 17799 (legacy)
11.4.5
COBIT 4.1 (legacy)
DS5.7