Skip to main content

πŸ’Ό CM-6 CONFIGURATION SETTINGS

  • Contextual name: πŸ’Ό CM-6 CONFIGURATION SETTINGS
  • ID: /frameworks/nist-sp-800-53-r4/cm/06
  • Located in: πŸ’Ό CM CONFIGURATION MANAGEMENT

Description​

The organization: CM-6a. Establishes and documents configuration settings for information technology products employed within the information system using [Assignment: organization-defined security configuration checklists] that reflect the most restrictive mode consistent with operational requirements; CM-6b. Implements the configuration settings; CM-6c. Identifies, documents, and approves any deviations from established configuration settings for [Assignment: organization-defined information system components] based on [Assignment: organization-defined operational requirements]; and CM-6d. Monitors and controls changes to the configuration settings in accordance with organizational policies and procedures.

Similar​

  • Internal
    • ID: dec-c-51ff4da8

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό PR.IP-1: A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)414

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CM-6 (1) AUTOMATED CENTRAL MANAGEMENT _ APPLICATION _ VERIFICATION
πŸ’Ό CM-6 (2) RESPOND TO UNAUTHORIZED CHANGES
πŸ’Ό CM-6 (3) UNAUTHORIZED CHANGE DETECTION
πŸ’Ό CM-6 (4) CONFORMANCE DEMONSTRATION

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS S3 Bucket Versioning is not enabled 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-2a9e52551