Detections
Analytics

800-53|CM-5

Title

ACCESS RESTRICTIONS FOR CHANGE

Description

The organization defines, documents, approves, and enforces physical and logical access restrictions associated with changes to the information system.

Supplemental

Any changes to the hardware, software, and/or firmware components of information systems can potentially have significant effects on the overall security of the systems. Therefore, organizations permit only qualified and authorized individuals to access information systems for purposes of initiating changes, including upgrades and modifications. Organizations maintain records of access to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes. Access restrictions for change also include software libraries. Access restrictions include, for example, physical and logical access controls (see AC-3 and PE-3), workflow automation, media libraries, abstract layers (e.g., changes implemented into third-party interfaces rather than directly into information systems), and change windows (e.g., changes occur only during specified times, making unauthorized changes easy to discover).

Reference Item Details

Related: AC-3,AC-6,PE-3

Category: CONFIGURATION MANAGEMENT

Family: CONFIGURATION MANAGEMENT

Priority: P1

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.10 IBMW-LS-000340UnixCIS IBM WebSphere Liberty Server STIG v1.0.0 CAT II
1.10 RHEL-10-001020UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.11 RHEL-10-001030UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.12 RHEL-10-001040UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.13 EX19-ED-000053WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.13 RHEL-10-001050UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.13 UBTU-24-100400UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.14 UBTU-24-100410UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.15 CISC-ND-000460CiscoCIS Cisco IOS XE Switch NDM STIG v1.1.0 CAT II
1.15 CISC-ND-000460CiscoCIS Cisco IOS Switch NDM STIG v1.1.0 CAT II
1.16 SQLI-22-006500MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.17 SQLI-22-006600MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.18 O19C-00-007300WindowsCIS Oracle Database 19c STIG v1.1.0 CAT II Windows
1.18 O19C-00-007300UnixCIS Oracle Database 19c STIG v1.1.0 CAT II Unix
1.18 SQLI-22-006700MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT I MS_SQLDB
1.18 UBTU-22-232015UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.18 VCSA-80-000095VMwareCIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT II
1.19 SQLI-22-006800MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.107 RHEL-10-400105UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.108 RHEL-09-232010UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.108 RHEL-10-400110UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.109 RHEL-09-232015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.109 RHEL-10-400100UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.110 RHEL-09-232020UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.110 RHEL-10-400120UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.111 RHEL-10-400125UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.112 RHEL-10-400115UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.119 UBTU-22-653010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.120 UBTU-22-653015UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.126 AZLX-23-002280UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.127 AZLX-23-002285UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.128 AZLX-23-002290UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.128 RHEL-10-400205UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.129 AZLX-23-002295UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.129 RHEL-10-400210UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.130 AZLX-23-002300UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.130 RHEL-10-400215UnixCIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.131 AZLX-23-002305UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.138 AZLX-23-002345UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.139 APPL-14-005001UnixCIS Apple macOS 14 Sonoma STIG v1.0.0 CAT I
1.139 AZLX-23-002350UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.146 RHEL-09-232190UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.147 RHEL-09-232195UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.148 RHEL-09-232200UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.149 RHEL-09-232205UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.150 RHEL-09-232210UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.151 RHEL-09-232215UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.151 SLES-15-030640UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT III
1.152 SLES-15-030650UnixCIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.182 AZLX-23-002575UnixCIS Amazon Linux 2023 STIG v1.0.0 CAT II