💼 SA-10 Developer Configuration Management
- ID:
/frameworks/nist-sp-800-53-r5/sa/10
Stats
not available
Description
Require the developer of the system, system component, or system service to: a. Perform configuration management during system, component, or service [Selection (one or more): design; development; implementation; operation; disposal]; b. Document, manage, and control the integrity of changes to [Assignment: organization-defined configuration items under configuration management]; c. Implement only organization-approved changes to the system, component, or service; d. Document approved changes to the system, component, or service and the potential security and privacy impacts of such changes; and e. Track security flaws and flaw resolution within the system, component, or service and report findings to [Assignment: organization-defined personnel].
Similar
- Internal
- ID:
dec-c-fcea8890
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 SA-10 Developer Configuration Management (M)(H) | 3 | no data | |||
| 💼 NIST CSF v2.0 → 💼 ID.RA-09: The authenticity and integrity of hardware and software are assessed prior to acquisition and use | 4 | no data |
Sub Sections
Policies (3)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google Cloud SQL Server Instance user options Database Flag is configured🟢 | 1 | 🟢 x6 | no data |