CM-6(2): Respond To Unauthorized Changes

CSF v1.1 References:


  • High

Next Version:

Control Statement

The organization employs [Assignment: organization-defined security safeguards] to respond to unauthorized changes to [Assignment: organization-defined configuration settings].

Supplemental Guidance

Responses to unauthorized changes to configuration settings can include, for example, alerting designated organizational personnel, restoring established configuration settings, or in extreme cases, halting affected information system processing.