πΌ CM-6 Configuration Settings
- Contextual name: πΌ CM-6 Configuration Settings
- ID:
/frameworks/nist-sp-800-53-r5/cm/06 - Located in: πΌ CM Configuration Management
Descriptionβ
a. Establish and document configuration settings for components employed within the system that reflect the most restrictive mode consistent with operational requirements using [Assignment: organization-defined common secure configurations]; b. Implement the configuration settings; c. Identify, document, and approve any deviations from established configuration settings for [Assignment: organization-defined system components] based on [Assignment: organization-defined operational requirements]; and d. Monitor and control changes to the configuration settings in accordance with organizational policies and procedures.
Similarβ
- Internal
- ID:
dec-c-3ceaf422
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ CM-6 Configuration Settings (L)(M)(H) | 2 | 1 | ||
| πΌ FedRAMP Low Security Controls β πΌ CM-6 Configuration Settings (L)(M)(H) | ||||
| πΌ NIST CSF v2.0 β πΌ DE.CM-09: Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events | 89 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CM-6(1) Configuration Settings _ Automated Management, Application, and Verification | 1 | |||
| πΌ CM-6(2) Configuration Settings _ Respond to Unauthorized Changes | ||||
| πΌ CM-6(3) Configuration Settings _ Unauthorized Change Detection | ||||
| πΌ CM-6(4) Configuration Settings _ Conformance Demonstration |