NIST SP 800-53 r4 Security Control CM-7 (1): Periodic Review, v4
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (1): Periodic Review. Applicable to MODERATE impact and HIGH impact systems.
| Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-cm-7-_1__-periodic-review/4/ | ||||
| Publication Date | 2021-04-26 | ||||
| Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | 800-53, Configuration Management, High, Moderate, NIST, Periodic Review, Security | ||||
| Legal Notice | This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6 and TD_ref7 and TD_ref8
References (8)
| TD Least Functionality | Periodic Review of Ports, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure ports. |
| ID | TD_ref1 |
| Provider Reference | |
| TD Least Functionality | Unnecessary / Insecure Services Disabled, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization disables services within the information system deemed to be unnecessary and/or nonsecure. |
| ID | TD_ref2 |
| Provider Reference | |
| TD Least Functionality | Unnecessary / Insecure Ports Disabled, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization disables ports within the information system deemed to be unnecessary and/or nonsecure. |
| ID | TD_ref3 |
| Provider Reference | |
| TD Least Functionality | Periodic Review Services, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure services. |
| ID | TD_ref4 |
| Provider Reference | |
| TD Least Functionality | Unnecessary / Insecure Protocols Disabled, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization disables protocols within the information system deemed to be unnecessary and/or nonsecure. |
| ID | TD_ref5 |
| Provider Reference | |
| TD Least Functionality | Unnecessary / Insecure Functions Disabled, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization disables functions within the information system deemed to be unnecessary and/or nonsecure. |
| ID | TD_ref6 |
| Provider Reference | |
| TD Least Functionality | Periodic Review of Protocols, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure protocols. |
| ID | TD_ref7 |
| Provider Reference | |
| TD Least Functionality | Periodic Review of Functions, v1.0 | |
|---|---|
| Description | Defines conformance and assessment criteria for verifying that an organization reviews the information system to identify unnecessary and/or nonsecure functions. |
| ID | TD_ref8 |
| Provider Reference | |
Sources (1)
| SP800-53R4 | NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4. |