CM-5(1): Automated Access Enforcement / Auditing

Control Family:

Configuration Management

Parent Control:

CM-5: Access Restrictions For Change

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.IP-1

Threats Addressed:

Tampering

Baselines:

High

Next Version:

NIST Special Publication 800-53 Revision 5:
CM-5(1): Automated Access Enforcement and Audit Records

Control Statement

The information system enforces access restrictions and supports auditing of the enforcement actions.