Validation of the 'Options ROM Code'' Platform Configuration Register (aka PCR 2) by the Trusted Platform Module (TPM) should be enabled or disabled as appropriate.
enabled/disabled
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives\s4-o3\PCR 2: Options ROM Code
(2) Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE\PlatformValidation\2
Worksheet: Bitlocker Policy Settings; Row: 50
Setting Index #865: This is a setting option. Refer to the following parent setting for additional information: Configure TPM platform validation profile
http://technet.microsoft.com/en-us/library/ee706521(WS.10).aspx
oval:org.secpod.oval:def:14662
Microsoft Security Compliance Management Toolkit for Windows 7, Windows 7 Security Baseline Settings.xlsm
2009-10-01
Microsoft Security Compliance Management Toolkit for Windows 7, Windows 7 Security Baseline.xml
2009-10-01
Microsoft TechNet and other Microsoft online documentation and resources
Microsoft
HTML
SCAP Repo OVAL Definition
2013-08-13