CM-5(1): Automated Access Enforcement and Audit Records
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
- High
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- CM-5(1): Automated Access Enforcement / Auditing
Control Statement
- Enforce access restrictions using [Assignment: organization-defined automated mechanisms]; and
- Automatically generate audit records of the enforcement actions.
Supplemental Guidance
Organizations log system accesses associated with applying configuration changes to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes.