| TIP: NIST SP 800-53 r4 Security Control CM-7 (1): Periodic Review

NIST SP 800-53 r4 Security Control CM-7 (1): Periodic Review, v4

Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (1): Periodic Review. Applicable to MODERATE impact and HIGH impact systems.

Identifier

https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-cm-7-_1__-periodic-review/4/

Publication Date

2021-04-26

Issuing Organization

TMI (https://trustmarkinitiative.org/) View Contact

No Responder

help@trustmarkinitiative.org

555-555-5555

No Mailing Address

Keywords

800-53, Configuration Management, High, Moderate, NIST, Periodic Review, Security

Legal Notice

This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Tree View
Details View

Trust Expression:

TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8

References (8)

TD Least Functionality \| Periodic Review of Ports, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure ports.
ID	TD_ref1
Provider Reference

TD Least Functionality \| Unnecessary / Insecure Services Disabled, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization disables services within the information system deemed to be unnecessary and/or nonsecure.
ID	TD_ref2
Provider Reference

TD Least Functionality \| Unnecessary / Insecure Ports Disabled, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization disables ports within the information system deemed to be unnecessary and/or nonsecure.
ID	TD_ref3
Provider Reference

TD Least Functionality \| Periodic Review Services, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure services.
ID	TD_ref4
Provider Reference

TD Least Functionality \| Unnecessary / Insecure Protocols Disabled, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization disables protocols within the information system deemed to be unnecessary and/or nonsecure.
ID	TD_ref5
Provider Reference

TD Least Functionality \| Unnecessary / Insecure Functions Disabled, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization disables functions within the information system deemed to be unnecessary and/or nonsecure.
ID	TD_ref6
Provider Reference

TD Least Functionality \| Periodic Review of Protocols, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure protocols.
ID	TD_ref7
Provider Reference

TD Least Functionality \| Periodic Review of Functions, v1.0
Description	Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure functions.
ID	TD_ref8
Provider Reference

Sources (1)

SP800-53R4	NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.

Also available as XML or JSON