catalog: SP800-53rev3 / class: Operational / family: (SI) System and Information Integrity

  SI-11: Error Handling  

base control objective:
The information system:
a. Identifies potentially security-relevant error conditions;
b. Generates error messages that provide information necessary for corrective actions without revealing potentially harmful information that could be exploited by adversaries;
c. Reveals error messages only to authorized personnel; and
d. Prohibits inclusion of sensitive information in error logs or associated administrative messages.

supplemental objective information:
The structure and content of error messages are carefully considered by the organization. The extent to which the information system is able to identify and handle error conditions is guided by organizational policy and operational requirements. Sensitive information includes, for example, account numbers, social security numbers, and credit card numbers.
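
One way a system could meet items b through d, as an added example that is not part of SP800-53rev3: the caller receives a generic message with a reference id, while the log entry keeps the corrective detail with account numbers, social security numbers and credit card numbers redacted. The names handle_error and redact, the regular expressions (US-style formats) and the sample error text are assumptions; access to the log destination is assumed to be restricted to authorized personnel.

```python
import logging
import re
import uuid

# Assumed patterns for the sensitive data named in the supplemental information.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators
ACCOUNT_RE = re.compile(r"(?i)\b(account(?:\s*(?:no|number))?\s*[:=#]?\s*)\d{6,}")


def luhn_ok(digits: str) -> bool:
    """True if the digit string passes the Luhn check used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def redact(text: str) -> str:
    """Remove SSNs, card numbers and account numbers before text is logged (item d)."""
    text = SSN_RE.sub("[SSN]", text)

    def card(m: re.Match) -> str:
        # Only redact digit runs that are plausible card numbers; leave other ids intact.
        return "[CARD]" if luhn_ok(re.sub(r"\D", "", m.group())) else m.group()

    text = CARD_RE.sub(card, text)
    return ACCOUNT_RE.sub(lambda m: m.group(1) + "[ACCOUNT]", text)


def handle_error(exc: Exception, log: logging.Logger) -> str:
    """Log redacted detail for authorized staff (c, d); return a generic message (b)."""
    ref = uuid.uuid4().hex[:12]  # lets support staff find the log entry
    log.error("ref=%s type=%s detail=%s", ref, type(exc).__name__, redact(str(exc)))
    return f"The request could not be completed. Reference: {ref}"


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    # Constructed error text, not taken from a real system.
    err = ValueError("update failed for SSN 123-45-6789, card 4111 1111 1111 1111")
    print(handle_error(err, logging.getLogger("app")))
```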

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: null     MOD: base     HIGH: base  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for SI-11:

None.
