| TIP: NIST SP 800-53 r4 - Security Control Family: Configuration Management

NIST SP 800-53 r4 - Security Control Family: Configuration Management - Supplemental Controls, v4

Profile of requirements corresponding to all supplemental security controls in NIST Special Publication 800-53, r4, under the control family of Configuration Management.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4---security-control-family_-configuration-management---supplemental-controls/4/

Publication Date

2021-04-26

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, Configuration Management, NIST, Security, Supplemental

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TIP_NISTSP80053r4SecurityControlCM26DevelopmentandTestEnvironments and TIP_NISTSP80053r4SecurityControlCM33AutomatedChangeImplementation and TIP_NISTSP80053r4SecurityControlCM34SecurityRepresentative and TIP_NISTSP80053r4SecurityControlCM35AutomatedSecurityResponse and TIP_NISTSP80053r4SecurityControlCM36CryptographyManagement and TIP_NISTSP80053r4SecurityControlCM42VerificationofSecurityFunctions and TIP_NISTSP80053r4SecurityControlCM54DualAuthorization and TIP_NISTSP80053r4SecurityControlCM55LimitProductionOperationalPrivileges and TIP_NISTSP80053r4SecurityControlCM56LimitLibraryPrivileges and TIP_NISTSP80053r4SecurityControlCM73RegistrationCompliance and TIP_NISTSP80053r4SecurityControlCM86AssessedConfigurationsApprovedDeviations and TIP_NISTSP80053r4SecurityControlCM87CentralizedRepository and TIP_NISTSP80053r4SecurityControlCM88AutomatedLocationTracking and TIP_NISTSP80053r4SecurityControlCM89AssignmentofComponentstoSystems and TIP_NISTSP80053r4SecurityControlCM91AssignmentofResponsibility and TIP_NISTSP80053r4SecurityControlCM101OpenSourceSoftware and TIP_NISTSP80053r4SecurityControlCM111AlertsforUnauthorizedInstallations and TIP_NISTSP80053r4SecurityControlCM112ProhibitInstallationWithoutPrivilegedStatus

References (18)

TIP NIST SP 800-53 r4 Security Control CM-2 (6): Development and Test Environments, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-2 (6): Development and Test Environments.
ID	TIP_NISTSP80053r4SecurityControlCM26DevelopmentandTestEnvironments

TIP NIST SP 800-53 r4 Security Control CM-3 (3): Automated Change Implementation, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (3): Automated Change Implementation.
ID	TIP_NISTSP80053r4SecurityControlCM33AutomatedChangeImplementation

TIP NIST SP 800-53 r4 Security Control CM-3 (4): Security Representative, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (4): Security Representative.
ID	TIP_NISTSP80053r4SecurityControlCM34SecurityRepresentative

TIP NIST SP 800-53 r4 Security Control CM-3 (5): Automated Security Response, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (5): Automated Security Response.
ID	TIP_NISTSP80053r4SecurityControlCM35AutomatedSecurityResponse

TIP NIST SP 800-53 r4 Security Control CM-3 (6): Cryptography Management, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (6): Cryptography Management.
ID	TIP_NISTSP80053r4SecurityControlCM36CryptographyManagement

TIP NIST SP 800-53 r4 Security Control CM-4 (2): Verification of Security Functions, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-4 (2): Verification of Security Functions.
ID	TIP_NISTSP80053r4SecurityControlCM42VerificationofSecurityFunctions

TIP NIST SP 800-53 r4 Security Control CM-5 (4): Dual Authorization, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (4): Dual Authorization.
ID	TIP_NISTSP80053r4SecurityControlCM54DualAuthorization

TIP NIST SP 800-53 r4 Security Control CM-5 (5): Limit Production / Operational Privileges, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (5): Limit Production / Operational Privileges.
ID	TIP_NISTSP80053r4SecurityControlCM55LimitProductionOperationalPrivileges

TIP NIST SP 800-53 r4 Security Control CM-5 (6): Limit Library Privileges, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (6): Limit Library Privileges.
ID	TIP_NISTSP80053r4SecurityControlCM56LimitLibraryPrivileges

TIP NIST SP 800-53 r4 Security Control CM-7 (3): Registration Compliance, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (3): Registration Compliance.
ID	TIP_NISTSP80053r4SecurityControlCM73RegistrationCompliance

TIP NIST SP 800-53 r4 Security Control CM-8 (6): Assessed Configurations / Approved Deviations, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-8 (6): Assessed Configurations / Approved Deviations.
ID	TIP_NISTSP80053r4SecurityControlCM86AssessedConfigurationsApprovedDeviations

TIP NIST SP 800-53 r4 Security Control CM-8 (7): Centralized Repository, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-8 (7): Centralized Repository.
ID	TIP_NISTSP80053r4SecurityControlCM87CentralizedRepository

TIP NIST SP 800-53 r4 Security Control CM-8 (8): Automated Location Tracking, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-8 (8): Automated Location Tracking.
ID	TIP_NISTSP80053r4SecurityControlCM88AutomatedLocationTracking

TIP NIST SP 800-53 r4 Security Control CM-8 (9): Assignment of Components to Systems, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-8 (9): Assignment of Components to Systems.
ID	TIP_NISTSP80053r4SecurityControlCM89AssignmentofComponentstoSystems

TIP NIST SP 800-53 r4 Security Control CM-9 (1): Assignment of Responsibility, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-9 (1): Assignment of Responsibility.
ID	TIP_NISTSP80053r4SecurityControlCM91AssignmentofResponsibility

TIP NIST SP 800-53 r4 Security Control CM-10 (1): Open Source Software, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-10 (1): Open Source Software.
ID	TIP_NISTSP80053r4SecurityControlCM101OpenSourceSoftware

TIP NIST SP 800-53 r4 Security Control CM-11 (1): Alerts for Unauthorized Installations, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-11 (1): Alerts for Unauthorized Installations.
ID	TIP_NISTSP80053r4SecurityControlCM111AlertsforUnauthorizedInstallations

TIP NIST SP 800-53 r4 Security Control CM-11 (2): Prohibit Installation Without Privileged Status, v4
Description	Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-11 (2): Prohibit Installation Without Privileged Status.
ID	TIP_NISTSP80053r4SecurityControlCM112ProhibitInstallationWithoutPrivilegedStatus

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON