PR.PS-01—Configuration management practices are established and applied
>Control Description
This platform security subcategory ensures that configuration management practices are established and applied. Key activities include: Establish, test, deploy, and maintain hardened baselines that enforce the organization’s cybersecurity policies and provide only essential capabili...; Review all default configuration settings that may potentially impact cybersecurity when installing or upgrading software; Monitor implemented software for deviations from approved baselines.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkPCI DSS v4.0.1
via NIST OLIR CatalogISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
AIS-02
AIS-04
AIS-05
AIS-06
CCC-01
CCC-02
CCC-06
CCC-07
+10 more
CIS Controls v8.0
4.1
4.2
CIS Controls v8.1
4.1
4.2
CRI Profile v2.0
PR.PS-01
PR.PS-01.01
PR.PS-01.02
PR.PS-01.03
PR.PS-01.04
PR.PS-01.05
PR.PS-01.06
PR.PS-01.07
+2 more
CSF v1.1
PR.IP-1
PR.IP-3
PR.PT-2
PR.PT-3
ISO/IEC 27001:2022
Mandatory Clause: 9.3
Annex A Controls: 8.9
NICE Framework
DD-WRL-001
DD-WRL-002
IO-WRL-005
OG-WRL-013
PD-WRL-004
PCI DSS
2.2.1
2.2.2
SCF
CFG-01
SP 800-171 Rev 3
03.04.01
03.04.02
03.04.03
03.04.04
03.04.05
03.04.06
03.04.08
03.04.10
+2 more
SP 800-218
PO.5.2
PS.1.1
SP 800-53 Rev 5.1.1
CM-01
CM-02
CM-03
CM-04
CM-05
CM-06
CM-07
CM-08
+3 more
SP 800-53 Rev 5.2.0
CM-01
CM-02
CM-03
CM-04
CM-05
CM-06
CM-07
CM-08
+3 more
Ask AI
Configure your API key to use AI features.