System & Information Integrity
System and Information Integrity is about catching and fixing problems fast: patching flaws, stopping malicious code, and monitoring for signs of compromise. It is the family that assumes something will get through and plans for it.
The 7 System & Information Integrity requirements
20 assessment objectives across this family.
- 3.14.1Flaw RemediationIdentify, report, and correct system flaws in a timely manner.5 pt✕ POA&M
- 3.14.2Malicious Code ProtectionProvide protection from malicious code at designated locations within organizational systems.5 pt✕ POA&M
- 3.14.3Security Alerts & AdvisoriesMonitor system security alerts and advisories and take action in response.5 pt✕ POA&M
- 3.14.4Update Malicious Code ProtectionUpdate malicious code protection mechanisms when new releases are available.5 pt✕ POA&M
- 3.14.5System & File ScanningPerform periodic scans of organizational systems and real -time scans of files from external sources as files are downloaded, opened, or executed.3 pt✕ POA&M
- 3.14.6Monitor Communications For AttacksMonitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.5 pt✕ POA&M
- 3.14.7Identify Unauthorized UseIdentify unauthorized use of organizational systems.3 pt✕ POA&M
Build System & Information Integrity, and all 14 families, with an officer
The Level 2 Accelerator walks all 110 requirements with you, generates your SSP, POA&M, and Audit Room from real evidence, includes the full Level 1 platform, and puts a credentialed officer alongside you for 180 days. Filed in 180 days, or we work free until you are.
No credit card. Phase 2 begins Nov 10, 2026, when applicable DoD solicitations start requiring a current Level 2 status to win the award.
Questions, answered
How many CMMC Level 2 requirements are in System & Information Integrity?+
The System & Information Integrity family (SI) has 7 of the 110 CMMC Level 2 requirements, assessed against 20 objectives from NIST SP 800-171A.
What is the System & Information Integrity family about?+
System and Information Integrity is about catching and fixing problems fast: patching flaws, stopping malicious code, and monitoring for signs of compromise. It is the family that assumes something will get through and plans for it.