CM-7(2)

  • Requirement

    Prevent program execution in accordance with [Selection (one or more): [Assignment: organization-defined policies, rules of behavior, and/or access agreements regarding software program usage and restrictions]; rules authorizing the terms and conditions of software program usage].

  • Discussion

    Prevention of program execution addresses organizational policies, rules of behavior, and/or access agreements that restrict software usage and the terms and conditions imposed by the developer or manufacturer, including software licensing and copyrights. Restrictions include prohibiting auto-execute features, restricting roles allowed to approve program execution, permitting or prohibiting specific software programs, or restricting the number of program instances executed at the same time.

More Info

  • Title

    Least Functionality | Prevent Program Execution
  • Family

    Configuration Management
  • NIST 800-53B Baseline(s)

    • Moderate
    • High
  • Related NIST 800-53 ID

    CM-8;PL-4;PL-9;PM-5;PS-6

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!