πΌ CM-14 Signed Components (H)
- Contextual name: πΌ CM-14 Signed Components (H)
- ID:
/frameworks/fedramp-high-security-controls/cm/14
- Located in: πΌ Configuration Management
Descriptionβ
Prevent the installation of [Assignment: organization-defined software and firmware components] without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.
CM-14 Additional FedRAMP Requirements and Guidance:
Guidance: If digital signatures/certificates are unavailable, alternative cryptographic integrity checks (hashes, self-signed certs, etc.) can be utilized.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/cm/14
- Internal
Similar Sections (Take Policies From)β
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|