The organization reassesses the integrity of software and information by performing, on an organization-defined frequency, integrity scans of the information system.
No STIG checks reference this CCI.