>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CM-1Policy and Procedures

>Control Description

a

Develop, document, and disseminate to organization-defined personnel or roles: (a) Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (b) Is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines; and

1.

[Selection (one or more): Organization-level; Mission/business process-level; System-level] configuration management policy that:

2.

Procedures to facilitate the implementation of the configuration management policy and the associated configuration management controls;

b

Designate an organization-defined official to manage the development, documentation, and dissemination of the configuration management policy and procedures; and

c

Review and update the current configuration management:

1.

Policy organization-defined frequency and following organization-defined events; and

2.

Procedures organization-defined frequency and following organization-defined events.

>Related Controls

PM-9
PS-8
SA-8
SI-12

Ask AI

Configure your API key to use AI features.