National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NIST Special Publication 800-53 (Rev. 4)

Security Controls and Assessment Procedures for Federal Information Systems and Organizations

Configuration Management Control Family

Showing 11 controls:
No. Control Priority Low Moderate High
CM-1 CONFIGURATION MANAGEMENT POLICY AND PROCEDURES P1 CM-1 CM-1 CM-1
CM-2 BASELINE CONFIGURATION P1 CM-2 CM-2 (1) (3) (7) CM-2 (1) (2) (3) (7)
CM-3 CONFIGURATION CHANGE CONTROL P1 CM-3 (2) CM-3 (1) (2)
CM-4 SECURITY IMPACT ANALYSIS P2 CM-4 CM-4 CM-4 (1)
CM-5 ACCESS RESTRICTIONS FOR CHANGE P1 CM-5 CM-5 (1) (2) (3)
CM-6 CONFIGURATION SETTINGS P1 CM-6 CM-6 CM-6 (1) (2)
CM-7 LEAST FUNCTIONALITY P1 CM-7 CM-7 (1) (2) (4) CM-7 (1) (2) (5)
CM-8 INFORMATION SYSTEM COMPONENT INVENTORY P1 CM-8 CM-8 (1) (3) (5) CM-8 (1) (2) (3) (4) (5)
CM-9 CONFIGURATION MANAGEMENT PLAN P1 CM-9 CM-9
CM-10 SOFTWARE USAGE RESTRICTIONS P2 CM-10 CM-10 CM-10
CM-11 USER-INSTALLED SOFTWARE P1 CM-11 CM-11 CM-11