Skip to main content

💼 CM-6 CONFIGURATION SETTINGS

  • Contextual name: 💼 CM-6 CONFIGURATION SETTINGS
  • ID: /frameworks/nist-sp-800-53-r4/cm/06
  • Located in: 💼 CM CONFIGURATION MANAGEMENT

Description

The organization: CM-6a. Establishes and documents configuration settings for information technology products employed within the information system using [Assignment: organization-defined security configuration checklists] that reflect the most restrictive mode consistent with operational requirements; CM-6b. Implements the configuration settings; CM-6c. Identifies, documents, and approves any deviations from established configuration settings for [Assignment: organization-defined information system components] based on [Assignment: organization-defined operational requirements]; and CM-6d. Monitors and controls changes to the configuration settings in accordance with organizational policies and procedures.

Similar

  • Internal
    • ID: dec-c-51ff4da8

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v1.1 → 💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)426

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags
💼 CM-6 (1) AUTOMATED CENTRAL MANAGEMENT _ APPLICATION _ VERIFICATION
💼 CM-6 (2) RESPOND TO UNAUTHORIZED CHANGES
💼 CM-6 (3) UNAUTHORIZED CHANGE DETECTION
💼 CM-6 (4) CONFORMANCE DEMONSTRATION

Policies (1)

PolicyLogic CountFlags
📝 AWS S3 Bucket Versioning is not enabled 🟢1🟢 x6

Internal Rules

RulePoliciesFlags
✉️ dec-x-2a9e52551