The organization: SI-1a.
Develops, documents, and disseminates to Assignment: organization-defined personnel or roles: SI-1a.1.
A system and information integrity policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and SI-1a.2.
Procedures to facilitate the implementation of the system and information integrity policy and associated system and information integrity controls; and SI-1b.
Reviews and updates the current: SI-1b.1.
System and information integrity policy Assignment: organization-defined frequency; and SI-1b.2.
System and information integrity procedures Assignment: organization-defined frequency.