NIST 800-53 · CM — Configuration Management
CM-6 Configuration settings
Establish, document and enforce secure configuration settings for system components.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- ISO 27001EquivalentOfficial mapping
Source: NIST SP 800-53 Rev. 5 / ISO/IEC 27001
A.8.9 Configuration managementSecure configuration & hardening
- NIST CSF 2.0EquivalentOfficial mapping
Source: NIST CSF 2.0 / SP 800-53 Rev. 5
PR.PS-01 Configuration management practices establishedSecure configuration & hardening
- CIS Controls v8EquivalentCurated4.1 Establish and maintain a secure configuration process
Secure configuration & hardening
- Cyber EssentialsEquivalentCuratedCE-2 Secure configuration
Secure configuration & hardening
- Cyber EssentialsPartialCuratedCE-1 Firewalls
Secure configuration & hardening
- Essential EightPartialCuratedE8-5 Application control
Secure configuration & hardening
- Essential EightPartialCuratedE8-6 Restrict Microsoft Office macros
Secure configuration & hardening
- Essential EightPartialCuratedE8-7 User application hardening
Secure configuration & hardening
- NIST 800-171EquivalentCurated3.4.2 Establish and enforce security configuration settings
Secure configuration & hardening
- PCI DSSEquivalentCuratedReq. 2 Apply secure configurations to all system components
Secure configuration & hardening