Information Security Governance Papers
| Paper Title | Configuration Management and Control30 |
|---|---|
| The Abstract of The Paper |
Ensure adequate consideration of the potential security impacts due to specific changes to an information system or its surrounding environment. CM and configuration control procedures are critical to establishing an initial baseline of hardware, software, and firmware components for the information system and for subsequently controlling and maintaining an accurate inventory of any changes to the system.
Develop CM plan − Establish baselines − Identify configuration − Describe configuration control process − Identify schedule for configuration audits |
| Web Link | http://csrc.nist.gov/publications/nistpubs/800-100/SP800-100-Mar07-2007.pdf |