Skip to main content

💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)

Description

(a) Enforce access restrictions using [Assignment: organization-defined automated mechanisms]; and

(b) Automatically generate audit records of the enforcement actions.

Similar

  • Sections
    • /frameworks/nist-sp-800-53-r5/cm/05/01
  • Internal
    • ID: dec-c-5530900e

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST SP 800-53 Revision 5 → 💼 CM-5(1) Access Restrictions for Change _ Automated Access Enforcement and Audit Records

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 FedRAMP Moderate Security Controls → 💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)8

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (8)

PolicyLogic CountFlags
📝 AWS CloudTrail Log File Validation is not enabled 🟢1🟢 x6
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢🟢 x3
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢1🟢 x6

Internal Rules

RulePoliciesFlags
✉️ dec-x-20c9ef831
✉️ dec-x-79579ed71
✉️ dec-x-9002886f1
✉️ dec-x-b1e1a4941
✉️ dec-x-b2ce0ca11
✉️ dec-x-c397d3ca2
✉️ dec-x-dc359e591