CM-4(2)
-
Requirement
After system changes, verify that the impacted controls are implemented correctly, operating as intended, and producing the desired outcome with regard to meeting the security and privacy requirements for the system.
-
Discussion
Implementation in this context refers to installing changed code in the operational system that may have an impact on security or privacy controls.
NIST 800-53A Assessment Guidance
CMMC Training
Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!