CM-05.1: Automated Access Enforcement and Audit...

CM-05.1 · Automated Access Enforcement and Audit Records

Control Description

Enforce access restrictions using {{ insert: param, cm-05.01_odp }} ; and Automatically generate audit records of the enforcement actions.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

system

Enhancement

Control Statement

The control requirements

(a) Enforce access restrictions using {{ insert: param, cm-05.01_odp }} ; and

(b) Automatically generate audit records of the enforcement actions.

Supplemental Guidance

Organizations log system accesses associated with applying configuration changes to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes.

Related NIST Controls

Other NIST 800-53 controls related to this one