CCI-001759

The organization employs organization-defined security safeguards to respond to unauthorized changes to organization-defined configuration settings.

Implementation Guidance

The organization being inspected/assessed documents and implements security safeguards defined in CM-6 (2), CCI 1757 to respond to unauthorized changes to security related configuration settings defined at the program/system level. The organization must maintain an audit trail of security safeguard implementation. DoD has defined the configuration settings as security related configuration settings defined at the program/system level.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process and the audit trail of security safeguard implementation to ensure the organization being inspected/assessed implements security safeguards defined in CM-6 (2), CCI 1757 to respond to unauthorized changes to security related configuration settings defined at the program/system level. DoD has defined the configuration settings as security related configuration settings defined at the program/system level.

Compelling Evidence

1.) Documented security safeguards defined in CM-6 (2), CCI 1757 to respond to unauthorized changes to security related configuration settings defined at the program/system level 2.) Audit trail

The controls below (if any) were marked by NIST as being related to CCI-001759.