NIST 800-171 R-3.7.2
Control Maintenance Tools and Personnel
Official citation: 3.7.2
Class: core · Severity: medium
Statement of the obligation — verify against source
3.7.2
What it means
Control the tools, techniques, mechanisms, and people used for system maintenance. Approve, control, and monitor maintenance tools — diagnostic equipment, packet sniffers, and similar hardware, software, and firmware — since they can carry malicious code into your facility and systems, whether intentionally or not.
Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.