5.5: Implement Automated Configuration Monitoring Systems

CSF v1.1 References:

Threats Addressed:

Group:

Warning icon.

Control is withdrawn in the next version of this control set.

Control Statement

Utilize a Security Content Automation Protocol (SCAP) compliant configuration monitoring system to verify all security configuration elements, catalog approved exceptions, and alert when unauthorized changes occur.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-171 Revision 2

NIST Special Publication 800-53 Revision 4