πΌ CM-5 Access Restrictions for Change (L)(M)(H)
- Contextual name: πΌ CM-5 Access Restrictions for Change (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/cm/05 - Located in: πΌ Configuration Management
Descriptionβ
Define, document, approve, and enforce physical and logical access restrictions associated with changes to the system.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/cm/05
- Internal
- ID:
dec-c-c3c6e693
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ CM-5 Access Restrictions for Change (L)(M)(H) | 2 | 15 | 17 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CM-5(1) Automated Access Enforcement and Audit Records (M)(H) | 9 | |||
| πΌ CM-5(5) Privilege Limitation for Production and Operation (M)(H) | 1 |
Policies (8)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account IAM Access Analyzer is not enabled for all regions π’ | 1 | π’ x6 |
| π AWS IAM Policy allows full administrative privileges π’ | 1 | π’ x6 |
| π AWS RDS Instance Auto Minor Version Upgrade is not enabled π π’ | 1 | π x1, π’ x6 |
| π Azure App Service Authentication is disabled and Basic Authentication is enabled π’ | 1 | π’ x6 |
| π Azure App Service Basic Authentication is enabled π’ | π’ x3 | |
| π Azure App Service does not run the latest Java version π’ | π’ x3 | |
| π Azure App Service does not run the latest PHP version π’ | π’ x3 | |
| π Azure App Service does not run the latest Python version π’ | π’ x3 |