The organization maintains an inventory of information system components that is consistent with the authorization boundary of the information system.
No STIG checks reference this CCI.