💼 CM-7(5) Least Functionality | Authorized Software — Allow-by-exception

Contextual name: 💼 CM-7(5) Least Functionality | Authorized Software — Allow-by-exception
ID: /frameworks/nist-sp-800-53-r5/cm/07/05
Located in: 💼 CM-7 Least Functionality

Description

(a) Identify [Assignment: organization-defined software programs authorized to execute on the system]; (b) Employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the system; and (c) Review and update the list of authorized software programs [Assignment: organization-defined frequency].

Similar

Internal
- ID: dec-c-271b94c9

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 CM-7(5) Authorized Software — Allow-by-exception (M)(H)

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections