https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-security-control-sa-10_-developer-configuration-management/4/NIST SP 800-53 r4 Security Control SA-10: Developer Configuration Management4Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control SA-10: Developer Configuration Management. Applicable to MODERATE impact and HIGH impact systems.2021-04-26T00:00:00.000ZfalseThis document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/TMIPRIMARYhelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/800-53Developer Configuration ManagementHighModerateNISTP1SecurityServices AcquisitionSystemhttps://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management-during-design/1.0/1Developer Configuration Management During Design1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform configuration management during system, component, or service design.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management---implementation-of-changes/1.0/2Developer Configuration Management - Implementation of Changes1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to implement only organization-approved changes to the system, component, or service.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management---document-approved-changes/1.0/3Developer Configuration Management - Document Approved Changes1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to document approved changes to the system, component, or service and the potential security impacts of such changes.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management-during-development/1.0/4Developer Configuration Management During Development1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform configuration management during system, component, or service development.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management---track-security-flaws/1.0/5Developer Configuration Management - Track Security Flaws1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to track security flaws and flaw resolution within the system, component, or service and report findings to organization-defined personnel.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management-during-implementation/1.0/6Developer Configuration Management During Implementation1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform configuration management during system, component, or service implementation.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management---document-changes-to-cm-items/1.0/7Developer Configuration Management - Document Changes to CM Items1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to document, manage, and control the integrity of changes to organization-defined configuration items under configuration management.https://artifacts.trustmarkinitiative.org/lib/tds/developer-configuration-management-during-operation/1.0/8Developer Configuration Management During Operation1.0Defines conformance and assessment criteria for verifying that an organization requires the developer of the information system, system component, or information system service to perform configuration management during system, component, or service operation.SP800-53R4NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at <a href="http://dx.doi.org/10.6028/NIST.SP.800-53r4">http://dx.doi.org/10.6028/NIST.SP.800-53r4</a>.