NIST 800-53 REV 5 • SYSTEM AND COMMUNICATIONS PROTECTION

SC-16(1)Integrity Verification

Verify the integrity of transmitted security and privacy attributes.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Part of verifying the integrity of transmitted information is ensuring that security and privacy attributes that are associated with such information have not been modified in an unauthorized manner. Unauthorized modification of security or privacy attributes can result in a loss of integrity for transmitted information.

Practitioner Notes

Verify the integrity of security and privacy attributes during transmission — make sure labels have not been tampered with in transit.

Example 1: Use digital signatures on sensitivity labels so receiving systems can verify the label was applied by an authorized source and has not been modified. Microsoft Purview labels support this natively.

Example 2: Configure your email gateway to check classification markings in message headers against a cryptographic hash. If the header has been altered in transit, the gateway quarantines the message and alerts security.

More System and Communications Protection Controls

SC-1 Policy and Procedures SC-2 Separation of System and User Functionality SC-2(1) Interfaces for Non-privileged Users SC-2(2) Disassociability