💼 SA-10 Developer Configuration Management

• ID: /frameworks/nist-sp-800-53-r5/sa/10

Description

Require the developer of the system, system component, or system service to: a. Perform configuration management during system, component, or service [Selection (one or more): design; development; implementation; operation; disposal]; b. Document, manage, and control the integrity of changes to [Assignment: organization-defined configuration items under configuration management]; c. Implement only organization-approved changes to the system, component, or service; d. Document approved changes to the system, component, or service and the potential security and privacy impacts of such changes; and e. Track security flaws and flaw resolution within the system, component, or service and report findings to [Assignment: organization-defined personnel].

Similar

• Internal
  • ID: dec-c-fcea8890

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 SA-10 Developer Configuration Management (M)(H)			3		no data
💼 NIST CSF v2.0 → 💼 ID.RA-09: The authenticity and integrity of hardware and software are assessed prior to acquisition and use			4		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 SA-10(1) Developer Configuration Management _ Software and Firmware Integrity Verification					no data
💼 SA-10(2) Developer Configuration Management _ Alternative Configuration Management Processes					no data
💼 SA-10(3) Developer Configuration Management _ Hardware Integrity Verification					no data
💼 SA-10(4) Developer Configuration Management _ Trusted Generation					no data
💼 SA-10(5) Developer Configuration Management _ Mapping Integrity for Version Control					no data
💼 SA-10(6) Developer Configuration Management _ Trusted Distribution					no data
💼 SA-10(7) Developer Configuration Management _ Security and Privacy Representatives					no data

Policies (3)

Policy	Logic Count	Flags	Compliance
🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢	1	🟢 x6	no data
🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢	1	🟢 x6	no data
🛡️ Google Cloud SQL Server Instance user options Database Flag is configured🟢	1	🟢 x6	no data