💼 CM-7(5) Least Functionality | Authorized Software — Allow-by-exception
- ID:
/frameworks/nist-sp-800-53-r5/cm/07/05
Stats​
not available
Description​
(a) Identify [Assignment: organization-defined software programs authorized to execute on the system]; (b) Employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the system; and (c) Review and update the list of authorized software programs [Assignment: organization-defined frequency].
Similar​
- Internal
- ID:
dec-c-271b94c9
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 CM-7(5) Authorized Software — Allow-by-exception (M)(H) | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|