NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
SI-1
SI-2
SI-13(2)
SI-2(2)
SI-2(3)
SI-2(4)
SI-2(5)
SI-2(6)
SI-3
SI-2(1)
SI-3(1)
SI-3(2)
SI-3(4)
SI-3(3)
SI-3(6)
SI-3(5)
SI-3(8)
SI-3(7)
SI-3(10)
SI-4
SI-4(1)
SI-4(2)
SI-4(3)
SI-4(4)
SI-4(5)
SI-3(9)
SI-4(7)
SI-4(6)
SI-4(9)
SI-4(10)
SI-4(11)
SI-4(12)
SI-4(13)
SI-4(14)
SI-4(15)
SI-4(16)
SI-4(17)
SI-4(18)
SI-4(19)
SI-4(20)
SI-4(21)
SI-4(22)
SI-4(23)
SI-4(24)
SI-4(25)
SI-5
SI-5(1)
SI-6
SI-4(8)
SI-6(2)
SI-6(3)
SI-7
SI-7(1)
SI-7(2)
SI-7(3)
SI-6(1)
SI-7(5)
SI-7(6)
SI-7(7)
SI-7(8)
SI-7(9)
SI-7(10)
SI-7(11)
SI-7(12)
SI-7(13)
SI-7(14)
SI-7(15)
SI-7(16)
SI-7(17)
SI-8
SI-7(4)
SI-8(2)
SI-8(3)
SI-8(1)
SI-10
SI-10(1)
SI-10(2)
SI-10(3)
SI-10(4)
SI-10(5)
SI-10(6)
SI-11
SI-12
SI-12(1)
SI-12(2)
SI-12(3)
SI-13
SI-13(1)
SI-9
SI-13(3)
SI-13(4)
SI-13(5)
SI-14
SI-14(1)
SI-14(2)
SI-14(3)
SI-15
SI-16
SI-17
SI-18
SI-18(1)
SI-18(2)
SI-18(3)
SI-18(4)
SI-18(5)
SI-19
SI-19(1)
SI-19(2)
SI-19(3)
SI-19(4)
SI-19(5)
SI-19(6)
SI-19(7)
SI-19(8)
SI-20
SI-21
SI-22
SI-23

SI-10(5): Information Input Validation | Restrict Inputs to Trusted Sources and Approved Formats

Control Text:

Restrict the use of information inputs to [Assignment: organization-defined trusted sources] and/or [Assignment: organization-defined formats].

Restricting the use of inputs to trusted sources and in trusted formats applies the concept of authorized or permitted software to information inputs. Specifying known trusted sources for information inputs and acceptable formats for such inputs can reduce the probability of malicious activity. The information inputs are those defined by the organization in the base control (SI-10).

Related Controls