💼 CM-5 Access Restrictions for Change (L)(M)(H)

• ID: /frameworks/fedramp-high-security-controls/cm/05

Description

Define, document, approve, and enforce physical and logical access restrictions associated with changes to the system.

Similar

• Sections
  • /frameworks/nist-sp-800-53-r5/cm/05
• Internal
  • ID: dec-c-c3c6e693

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 CM-5 Access Restrictions for Change	7				no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP Low Security Controls → 💼 CM-5 Access Restrictions for Change (L)(M)(H)			8		no data
💼 FedRAMP Moderate Security Controls → 💼 CM-5 Access Restrictions for Change (L)(M)(H)	2		16		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)		7	8		no data
💼 CM-5(5) Privilege Limitation for Production and Operation (M)(H)		1	1		no data

Policies (8)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢	1	🟢 x6	no data
🛡️ AWS IAM Policy allows full administrative privileges🟢	1	🟢 x6	no data
🛡️ AWS RDS Instance Auto Minor Version Upgrade is not enabled🟠🟢	1	🟠 x1, 🟢 x6	no data
🛡️ Azure App Service Authentication is disabled and Basic Authentication is enabled🟢	1	🟢 x6	no data
🛡️ Azure App Service Basic Authentication is enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure App Service does not run the latest Java version🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure App Service does not run the latest PHP version🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure App Service does not run the latest Python version🟢⚪		🟢 x2, ⚪ x1	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-157aa4b9	1
✉️ dec-x-879aa996	1
✉️ dec-x-215302da	1
✉️ dec-x-a20e54a0	1
✉️ dec-x-ab7fc52e	1
✉️ dec-x-ca52f63a	2
✉️ dec-x-f82b9849	1