CIS Controls v8 · Control 4: Secure Configuration of Assets and Software
4.1 Establish and maintain a secure configuration process
Establish and maintain a secure configuration process for enterprise assets and software.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- ISO 27001EquivalentOfficial mapping
Source: CIS Controls v8 / ISO/IEC 27001
A.8.9 Configuration managementConfiguration sécurisée et durcissement
- NIST CSF 2.0EquivalentOfficial mapping
Source: CIS Controls v8 / NIST CSF 2.0
PR.PS-01 Configuration management practices establishedConfiguration sécurisée et durcissement
- Cyber EssentialsEquivalentCuratedCE-2 Secure configuration
Configuration sécurisée et durcissement
- Cyber EssentialsPartialCuratedCE-1 Firewalls
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-5 Application control
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-6 Restrict Microsoft Office macros
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-7 User application hardening
Configuration sécurisée et durcissement
- NIST 800-171EquivalentCurated3.4.2 Establish and enforce security configuration settings
Configuration sécurisée et durcissement
- NIST 800-53EquivalentCuratedCM-6 Configuration settings
Configuration sécurisée et durcissement
- PCI DSSEquivalentCuratedReq. 2 Apply secure configurations to all system components
Configuration sécurisée et durcissement