CM-3(5)

Requirement

Implement the following security responses automatically if baseline configurations are changed in an unauthorized manner: [Assignment: organization-defined security responses].

Discussion

Automated security responses include halting selected system functions, halting system processing, and issuing alerts or notifications to organizational personnel when there is an unauthorized modification of a configuration item.

NIST 800-53A Assessment Guidance

Examine

[SELECT FROM: System security plan; configuration management policy; procedures addressing system configuration change control; configuration management plan; system design documentation; system architecture and configuration documentation; system configuration settings and associated documentation; alerts/notifications of unauthorized baseline configuration changes; system audit records; other relevant documents or records].

Interview

[SELECT FROM: Organizational personnel with configuration change control responsibilities; organizational personnel with information security responsibilities; system/network administrators; system developers; members of change control board or similar].

Test

[SELECT FROM: Organizational processes for configuration change control; automated mechanisms implementing security responses to unauthorized changes to the baseline configurations].

ID	Assessment Objectives
CM-03(05)	<CM-03(05)_ODP security responses> are automatically implemented if baseline configurations are changed in an unauthorized manner.

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!