💼 CM-2 BASELINE CONFIGURATION

• ID: /frameworks/nist-sp-800-53-r4/cm/02

Description

The organization develops, documents, and maintains under configuration control, a current baseline configuration of the information system.

Similar

• Internal
  • ID: dec-c-34e248a1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed		10	34		no data
💼 NIST CSF v1.1 → 💼 PR.DS-7: The development and testing environment(s) are separate from the production environment			1		no data
💼 NIST CSF v1.1 → 💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)		4	26		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CM-2 (1) REVIEWS AND UPDATES					no data
💼 CM-2 (2) AUTOMATION SUPPORT FOR ACCURACY _ CURRENCY					no data
💼 CM-2 (3) RETENTION OF PREVIOUS CONFIGURATIONS					no data
💼 CM-2 (4) UNAUTHORIZED SOFTWARE					no data
💼 CM-2 (5) AUTHORIZED SOFTWARE					no data
💼 CM-2 (6) DEVELOPMENT AND TEST ENVIRONMENTS					no data
💼 CM-2 (7) CONFIGURE SYSTEMS, COMPONENTS, OR DEVICES FOR HIGH-RISK AREAS					no data

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS S3 Bucket Versioning is not enabled🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-2a9e5255	1