NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-10(2)Review and Resolve Errors

Review and resolve input validation errors within {{ insert: param, si-10.2_prm_1 }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Resolution of input validation errors includes correcting systemic causes of errors and resubmitting transactions with corrected input. Input validation errors are those related to the information inputs defined by the organization in the base control ( [SI-10](#si-10)).

Practitioner Notes

Review and resolve input validation errors promptly — do not just reject bad input and ignore it. Understand why errors are occurring.

Example 1: Monitor input validation error logs in your SIEM. A sudden spike in validation errors from a single source could indicate an attack (SQL injection probing). A gradual increase might indicate a legitimate data format change that needs accommodation.

Example 2: Create a process for reviewing rejected inputs weekly. If legitimate users are consistently triggering validation errors, adjust your validation rules to accommodate valid data while still blocking malicious input. Document rule changes and the rationale.

More System and Information Integrity Controls

SI-1 Policy and Procedures SI-2 Flaw Remediation SI-2(1) Central Management SI-2(2) Automated Flaw Remediation Status