Skip to main content

๐Ÿ’ผ Configuration Management

  • Contextual name: ๐Ÿ’ผ Configuration Management
  • ID: /frameworks/fedramp-high-security-controls/cm
  • Located in: ๐Ÿ’ผ FedRAMP High Security Controls

Descriptionโ€‹

Empty...

Similarโ€‹

  • Internal
    • ID: dec-b-c262c565

Sub Sectionsโ€‹

SectionSub SectionsInternal RulesPoliciesFlags
๐Ÿ’ผ CM-1 Policy and Procedures (L)(M)(H)
๐Ÿ’ผ CM-2 Baseline Configuration (L)(M)(H)313
ย ย ย ย ๐Ÿ’ผ CM-2(2) Automation Support for Accuracy and Currency (M)(H)13
ย ย ย ย ๐Ÿ’ผ CM-2(3) Retention of Previous Configurations (M)(H)11
ย ย ย ย ๐Ÿ’ผ CM-2(7) Configure Systems and Components for High-risk Areas (M)(H)
๐Ÿ’ผ CM-3 Configuration Change Control (M)(H)417
ย ย ย ย ๐Ÿ’ผ CM-3(1) Automated Documentation, Notification, and Prohibition of Changes (H)
ย ย ย ย ๐Ÿ’ผ CM-3(2) Testing, Validation, and Documentation of Changes (M)(H)
ย ย ย ย ๐Ÿ’ผ CM-3(4) Security and Privacy Representatives (M)(H)
ย ย ย ย ๐Ÿ’ผ CM-3(6) Cryptography Management (H)4
๐Ÿ’ผ CM-4 Impact Analyses (L)(M)(H)2
ย ย ย ย ๐Ÿ’ผ CM-4(1) Separate Test Environments (H)
ย ย ย ย ๐Ÿ’ผ CM-4(2) Verification of Controls (M)(H)
๐Ÿ’ผ CM-5 Access Restrictions for Change (L)(M)(H)278
ย ย ย ย ๐Ÿ’ผ CM-5(1) Automated Access Enforcement and Audit Records (M)(H)89
ย ย ย ย ๐Ÿ’ผ CM-5(5) Privilege Limitation for Production and Operation (M)(H)11
๐Ÿ’ผ CM-6 Configuration Settings (L)(M)(H)2
ย ย ย ย ๐Ÿ’ผ CM-6(1) Automated Management, Application, and Verification (M)(H)1
ย ย ย ย ๐Ÿ’ผ CM-6(2) Respond to Unauthorized Changes (H)
๐Ÿ’ผ CM-7 Least Functionality (L)(M)(H)3718
ย ย ย ย ๐Ÿ’ผ CM-7(1) Periodic Review (M)(H)1111
ย ย ย ย ๐Ÿ’ผ CM-7(2) Prevent Program Execution (M)(H)
ย ย ย ย ๐Ÿ’ผ CM-7(5) Authorized Software โ€” Allow-by-exception (M)(H)
๐Ÿ’ผ CM-8 System Component Inventory (L)(M)(H)41
ย ย ย ย ๐Ÿ’ผ CM-8(1) Updates During Installation and Removal (M)(H)
ย ย ย ย ๐Ÿ’ผ CM-8(2) Automated Maintenance (H)1
ย ย ย ย ๐Ÿ’ผ CM-8(3) Automated Unauthorized Component Detection (M)(H)
ย ย ย ย ๐Ÿ’ผ CM-8(4) Accountability Information (H)
๐Ÿ’ผ CM-9 Configuration Management Plan (M)(H)
๐Ÿ’ผ CM-10 Software Usage Restrictions (L)(M)(H)
๐Ÿ’ผ CM-11 User-installed Software (L)(M)(H)44
๐Ÿ’ผ CM-12 Information Location (M)(H)1
ย ย ย ย ๐Ÿ’ผ CM-12(1) Automated Tools to Support Information Location (M)(H)
๐Ÿ’ผ CM-14 Signed Components (H)