πΌ CM-5(1) Automated Access Enforcement and Audit Records (M)(H)
- Contextual name: πΌ CM-5(1) Automated Access Enforcement and Audit Records (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/cm/05/01 - Located in: πΌ CM-5 Access Restrictions for Change (L)(M)(H)
Descriptionβ
(a) Enforce access restrictions using [Assignment: organization-defined automated mechanisms]; and
(b) Automatically generate audit records of the enforcement actions.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/cm/05/01
- Internal
- ID:
dec-c-5530900e
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CM-5(1) Access Restrictions for Change _ Automated Access Enforcement and Audit Records |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Moderate Security Controls β πΌ CM-5(1) Automated Access Enforcement and Audit Records (M)(H) | 9 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (9)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Multi-Region CloudTrail is not enabled π’ | 1 | π’ x6 |
| π AWS CloudTrail Log File Validation is not enabled π’ | 1 | π’ x6 |
| π Azure Diagnostic Setting for Azure Key Vault is not enabled π’ | π’ x3 | |
| π Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Create Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Network Security Group does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist π’ | 1 | π’ x6 |
| π Azure Subscription Activity Log Alert for Delete Security Solution does not exist π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-20c9ef83 | 1 | |
| βοΈ dec-x-79579ed7 | 1 | |
| βοΈ dec-x-9002886f | 1 | |
| βοΈ dec-x-b1e1a494 | 1 | |
| βοΈ dec-x-b2ce0ca1 | 1 | |
| βοΈ dec-x-c397d3ca | 2 | |
| βοΈ dec-x-dc359e59 | 1 | |
| βοΈ dec-z-3f480eb5 | 1 |