💼 CM-6 CONFIGURATION SETTINGS

ID: /frameworks/nist-sp-800-53-r4/cm/06

Description

The organization: CM-6a. Establishes and documents configuration settings for information technology products employed within the information system using [Assignment: organization-defined security configuration checklists] that reflect the most restrictive mode consistent with operational requirements; CM-6b. Implements the configuration settings; CM-6c. Identifies, documents, and approves any deviations from established configuration settings for [Assignment: organization-defined information system components] based on [Assignment: organization-defined operational requirements]; and CM-6d. Monitors and controls changes to the configuration settings in accordance with organizational policies and procedures.

Similar

Internal
- ID: dec-c-51ff4da8

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)		4	26		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CM-6 (1) AUTOMATED CENTRAL MANAGEMENT _ APPLICATION _ VERIFICATION					no data
💼 CM-6 (2) RESPOND TO UNAUTHORIZED CHANGES					no data
💼 CM-6 (3) UNAUTHORIZED CHANGE DETECTION					no data
💼 CM-6 (4) CONFORMANCE DEMONSTRATION					no data

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS S3 Bucket Versioning is not enabled🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-2a9e5255	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​