Function 5 of FMT_SMF_EXT.1 indicates that it is mandatory for the enterprise to be able to enable/disable a list of audio or visual collection devices across the device, and optionally on a per-app basis.  Certain vendors can do this for the camera, but the microphone cannot be managed by the enterprise; instead it is controlled on a per-application basis under the control of the user.  While this approach is acceptable to the PP author, it does not conform to the PP as currently written.

• The table for FMT_SMF_EXT.1.1, function 5 will have the column entries changed to "M-O-O-O".

• The application note for function 5 (4th paragraph under "Function-specific Application Notes" on p. 90 of the PP) will be changed to read:

"The assignment in function 5 consists of at least one audio and/or visual device, such as camera and microphone, which can be enabled and disabled by either the user or administrator. Disablement of the microphone does not imply that the microphone may not be enabled in order to place emergency phone calls.  If certain devices are able to be restricted to the enterprise (either device-wide or per-app) and others are able to be restricted to users, then this function should be iterated in the table with the appropriate table entries."

It is acceptable for either the user or administrator to be able to enable or disable the selected audio or visual collection devices, either across the device or on a per-application basis (which means the product meets the intent of the requirement).