KSI-CNA-EISImplementation guide coming soonEnforcing Intended State
CNA — Cloud-Native Architecture
NIST 800-53: ca-2.1, ca-7.1
- Who this is for
- Cloud service providers
- Service class
- Varies: B, C
- Implementation guidance
- Official source only
- Evidence automation
- Not published
Reviewed implementation guidance for KSI-CNA-EIS is not published yet. The official source below remains complete and authoritative.
Official FedRAMP source
Verbatim from FedRAMP/rules
Class B
**Optional:** Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state.
Class C
Automated services are used to persistently assess the security of all machine-based information resources and automatically enforce their intended operational state.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.