CFG-02.5 ยท Configure Technology Assets, Applications and/or Services (TAAS) for High-Risk Areas

Control Description

Mechanisms exist to configure Technology Assets, Applications and/or Services (TAAS) utilized in high-risk areas with more restrictive baseline configurations.

Control Question
Assessment question for control validation

Does the organization configure Technology Assets, Applications and/or Services (TAAS) utilized in high-risk areas with more restrictive baseline configurations?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: CFG-02.5
ESP Level 1: CFG-02.5
ESP Level 2: CFG-02.5
ESP Level 3: CFG-02.5
AI Model: CFG-02.5
Errata & Additional Notes

-wordsmithed control