CM-7(4)—Unauthorized Software -- Deny-By-Exception
>Control Description
Enterprises should define requirements and deploy appropriate processes to specify and detect software that is not allowed. This can be aided by defining a requirement to, at a minimum, not use disreputable or unauthorized software. Enterprises should require their prime contractors to implement this control and flow down this requirement to relevant sub-tier contractors
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.