Skip to main content

💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)

Contextual name: 💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)
ID: /frameworks/fedramp-moderate-security-controls/cm/05/01
Located in: 💼 CM-5 Access Restrictions for Change (L)(M)(H)

Description

(a) Enforce access restrictions using [Assignment: organization-defined automated mechanisms]; and

(b) Automatically generate audit records of the enforcement actions.

Similar

Sections
- /frameworks/fedramp-high-security-controls/cm/05/01
Internal
- ID: dec-c-5530900e

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 CM-5(1) Automated Access Enforcement and Audit Records (M)(H)		7	8

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (8)

Policy	Logic Count	Flags
📝 AWS CloudTrail Log File Validation is not enabled 🟢	1	🟢 x6
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢		🟢 x3
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢	1	🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢	1	🟢 x6

Description
Similar
Similar Sections (Take Policies From)
Sub Sections
Policies (8)