πΌ CM-7(5) Authorized Software β Allow-by-exception (M)(H)
- Contextual name: πΌ CM-7(5) Authorized Software β Allow-by-exception (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/cm/07/05 - Located in: πΌ CM-7 Least Functionality (L)(M)(H)
Descriptionβ
(a) Identify [Assignment: organization-defined software programs authorized to execute on the system];
(b) Employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the system; and
(c) Review and update the list of authorized software programs [FedRAMP Assignment: at least quarterly or when there is a change].
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/cm/07/05
- Internal
- ID:
dec-c-322fd20e
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CM-7(5) Least Functionality _ Authorized Software β Allow-by-exception |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Moderate Security Controls β πΌ CM-7(5) Authorized Software β Allow-by-exception (M)(H) |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|