Service Configuration¶
A secure cloud service offering will follow FedRAMP encryption policies, continuously verify information resource integrity, and restrict access to third-party information resources.
Automating Configuration Management¶
KSI-SVC-ACM
Former ID: KSI-SVC-04
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Manage configuration of machine-based information resources using automation.
Related SP 800-53 Controls: AC-2.4, CM-2, CM-2.2, CM-2.3, CM-6, CM-7.1, PL-9, PL-10, SA-5, SI-5, SR-10
Terms: Information Resource, Machine-Based (information resources)
Automating Secret Management¶
KSI-SVC-ASM
Former ID: KSI-SVC-06
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Automate management, protection, and regular rotation of digital keys, certificates, and other secrets.
Related SP 800-53 Controls: AC-17.2, IA-5.2, IA-5.6, SC-12, SC-17
Terms: Regularly
Evaluating and Improving Security¶
KSI-SVC-EIS
Former ID: KSI-SVC-01
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Implement improvements based on persistent evaluation of information resources for opportunities to improve security.
Related SP 800-53 Controls: CM-7.1, CM-12.1, MA-2, PL-8, SC-7, SC-39, SI-2.2, SI-4, SR-10
Terms: Information Resource, Persistently
Preventing Residual Risk¶
KSI-SVC-PRR
Former ID: KSI-SVC-08
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Optional: Persistently review plans, procedures, and the state of information resources after making changes to limit and remove unwanted residual elements that would likely negatively affect the confidentiality, integrity, or availability of federal customer data.
Persistently review plans, procedures, and the state of information resources after making changes to limit and remove unwanted residual elements that would likely negatively affect the confidentiality, integrity, or availability of federal customer data.
Related SP 800-53 Controls: SC-4
Terms: Federal Customer Data, Information Resource, Likely, Persistently
Removing Unwanted Data¶
KSI-SVC-RUD
Former ID: KSI-SVC-10
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Optional: Remove unwanted federal customer data promptly when requested by an agency in alignment with customer agreements, including from backups if appropriate; this typically applies when a customer spills information or when a customer seeks to remove information from a service due to a change in usage.
Remove unwanted federal customer data promptly when requested by an agency in alignment with customer agreements, including from backups if appropriate; this typically applies when a customer spills information or when a customer seeks to remove information from a service due to a change in usage.
Related SP 800-53 Controls: SI-12.3, SI-18.4
Terms: Agency, Federal Customer Data, Promptly
Securing Network Traffic¶
KSI-SVC-SNT
Former ID: KSI-SVC-02
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Encrypt or otherwise secure network traffic.
Related SP 800-53 Controls: AC-1, AC-17.2, CP-9.8, SC-8, SC-8.1, SC-13, SC-20, SC-21, SC-22, SC-23
Validating Communications¶
KSI-SVC-VCM
Former ID: KSI-SVC-09
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Optional: Persistently validate the authenticity and integrity of communications between machine-based information resources using automation.
Persistently validate the authenticity and integrity of communications between machine-based information resources using automation.
Related SP 800-53 Controls: SC-23, SI-7.1
Terms: Information Resource, Machine-Based (information resources), Persistent Validation, Persistently
Validating Resource Integrity¶
KSI-SVC-VRI
Former ID: KSI-SVC-05
Changelog:
- 2026-02-04: Removed italics and changed the ID as part of new standardization in v0.9.0-beta; no material changes.
Use cryptographic methods to validate the integrity of machine-based information resources.
Related SP 800-53 Controls: CM-2.2, CM-8.3, SC-13, SC-23, SI-7, SI-7.1, SR-10
Terms: Information Resource, Machine-Based (information resources), Persistent Validation