Manual Examination CM_05_1_II

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
Return to Main Page
Manual Examination CM_05_1_II_4

FIPS 199 High Impact (for ICS)

Findings Color Code
Satisfied
Other Than Satisfied - not assessed
Other Than Satisfied - failed

NIST SP 800-53A CM-05 .01(ii)

Question: Do the configuration management policy and the procedures addressing access restrictions for changes to the information system and the information system architecture and configuration documentation specify that the organization generate, retain, and review records reflecting all such changes to the information system ?

Answered by: BOSTON::HARRISON

As part of Manual Examination group: POLICY_CM

Answer: YES

This NIST 800-53 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.