πΌ CM-4 SECURITY IMPACT ANALYSIS
- Contextual name: πΌ CM-4 SECURITY IMPACT ANALYSIS
- ID:
/frameworks/nist-sp-800-53-r4/cm/04 - Located in: πΌ CM CONFIGURATION MANAGEMENT
Descriptionβ
The organization analyzes changes to the information system to determine potential security impacts prior to change implementation.
Similarβ
- Internal
- ID:
dec-c-e7152985
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality) | 4 | 14 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-3: Configuration change control processes are in place | 4 | 4 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CM-4 (1) SEPARATE TEST ENVIRONMENTS | ||||
| πΌ CM-4 (2) VERIFICATION OF SECURITY FUNCTIONS |