Overview:
The organization:
a. Uses software and associated documentation in accordance with contract agreements and copyright laws;
b. Tracks the use of software and associated documentation protected by quantity licenses to control copying and distribution; and
c. Controls and documents the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.
Supplemental Guidance:
Software license tracking can be accomplished by manual methods (e.g., simple spreadsheets) or automated methods (e.g., specialized tracking applications) depending on organizational needs.
Related controls:AC-17, CM-8, SC-7.
Action Items:
1) Establish a policy and procedure to ensure software is used appropriately in accordance to copyright law and licensing contracts
Related Documents:
1) Secure Systems Configuration Policy
2) Acceptable Use Policy
3) Asset Management Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 663
Created: September 29, 2022
Last Updated: September 29, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/software-usage-restrictions-cm-10-663.html