NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-10(1) Manual Override Capability

Provide a manual override capability for input validation of the following information inputs: {{ insert: param, si-10_odp }}; Restrict the use of the manual override capability to only {{ insert: param, si-10.01_odp }}; and Audit the use of the manual override capability.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

In certain situations, such as during events that are defined in contingency plans, a manual override capability for input validation may be needed. Manual overrides are used only in limited circumstances and with the inputs defined by the organization.

Practitioner Notes

Provide a manual override capability for input validation — sometimes legitimate but unusual data needs to be entered, and there should be an authorized override process.

Example 1: Build a supervisor override function in your data entry applications. If a value fails validation (like an unusually large purchase order amount), a supervisor can review the entry, provide justification, and approve the override. Log all overrides for audit.

Example 2: In your web application, allow administrators to temporarily whitelist specific input patterns that are being falsely rejected. Provide an admin interface that logs the override, the justification, and who approved it.
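The supervisor override from Example 1 could look like the sketch below. It is an added example, not code from NIST or from this page. The limit, the user names, the in-memory audit list and the rule that an approver cannot approve their own entry are all assumptions made for illustration.

```python
import json
import time

MAX_PO_AMOUNT = 50_000                     # assumed business limit (overridable)
OVERRIDE_APPROVERS = {"supervisor.kim"}    # assumed authorized individuals
AUDIT_LOG = []                             # stand-in for an append-only audit sink

def audit(event, **fields):
    """Record one override decision as a JSON line."""
    AUDIT_LOG.append(json.dumps({"ts": time.time(), "event": event, **fields},
                                sort_keys=True))

def submit_po(entered_by, amount, override=None):
    """Validate a purchase-order amount given in whole currency units.

    override is None or {"approver": str, "justification": str}.
    """
    # Structural check: never overridable, whoever asks.
    if type(amount) is not int or amount <= 0:
        return {"status": "rejected", "reason": "amount must be a positive integer"}
    # Business-rule check: the only input the override applies to.
    if amount <= MAX_PO_AMOUNT:
        return {"status": "accepted", "overridden": False}
    reason = f"amount {amount} exceeds limit {MAX_PO_AMOUNT}"
    if override is None:
        return {"status": "rejected", "reason": reason}
    approver = override.get("approver")
    justification = (override.get("justification") or "").strip()
    # Assumption: the approver must differ from the person entering the data.
    allowed = bool(approver in OVERRIDE_APPROVERS
                   and approver != entered_by
                   and justification)
    # Denied attempts are audited too, so misuse of the override is visible.
    audit("override_granted" if allowed else "override_denied",
          entered_by=entered_by, approver=approver, amount=amount,
          justification=justification, failed_rule=reason)
    if not allowed:
        return {"status": "rejected", "reason": "override not authorized"}
    return {"status": "accepted", "overridden": True}
```

In a real deployment the approver identity would come from the authenticated session, not from the request body, and the audit records would go to a log store the application cannot rewrite.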