💼 CM-2 BASELINE CONFIGURATION

• Contextual name: 💼 CM-2 BASELINE CONFIGURATION
• ID: /frameworks/nist-sp-800-53-r4/cm/02
• Located in: 💼 CM CONFIGURATION MANAGEMENT

Description

The organization develops, documents, and maintains under configuration control, a current baseline configuration of the information system.

Similar

• Internal
  • ID: dec-c-34e248a1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed		10	14
💼 NIST CSF v1.1 → 💼 PR.DS-7: The development and testing environment(s) are separate from the production environment			1
💼 NIST CSF v1.1 → 💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)		4	26

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CM-2 (1) REVIEWS AND UPDATES
💼 CM-2 (2) AUTOMATION SUPPORT FOR ACCURACY _ CURRENCY
💼 CM-2 (3) RETENTION OF PREVIOUS CONFIGURATIONS
💼 CM-2 (4) UNAUTHORIZED SOFTWARE
💼 CM-2 (5) AUTHORIZED SOFTWARE
💼 CM-2 (6) DEVELOPMENT AND TEST ENVIRONMENTS
💼 CM-2 (7) CONFIGURE SYSTEMS, COMPONENTS, OR DEVICES FOR HIGH-RISK AREAS

Policies (1)

Policy	Logic Count	Flags
📝 AWS S3 Bucket Versioning is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-2a9e5255	1