| Trust Interoperability Profile Name | Version |
|---|---|
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-2: Baseline Configuration. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (1): Automated Document / Notification / Prohibition of Changes. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (2): Test / Validate / Document Changes. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (3): Automated Change Implementation.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (4): Security Representative.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (5): Automated Security Response.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3 (6): Cryptography Management.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-3: Configuration Change Control. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-4 (1): Separate Test Environments. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-4 (2): Verification of Security Functions.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-4: Security Impact Analysis. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (1): Automated Access Enforcement / Auditing. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (2): Review System Changes. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (3): Signed Components. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (4): Dual Authorization.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (5): Limit Production / Operational Privileges.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5 (6): Limit Library Privileges.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-5: Access Restrictions for Change. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-6 (1): Automated Central Management / Application / Verification. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-6 (2): Respond to Unauthorized Changes. Applicable to HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-6: Configuration Settings. Applicable to LOW impact, MODERATE impact, and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (1): Periodic Review. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (2): Prevent Program Execution. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (3): Registration Compliance.
|
4 |
|
Profile of requirements corresponding to NIST Special Publication 800-53, r4, Security Control CM-7 (4): Unauthorized Software / Blacklisting. Applicable to MODERATE impact and HIGH impact systems.
|
4 |
