ISO 27001 · A.8 Technological
A.8.9 Configuration management
Establish, document, implement, monitor and review the configuration of hardware, software, services and networks.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- CIS Controls v8EquivalentOfficial mapping
Source: CIS Controls v8 / ISO/IEC 27001
4.1 Establish and maintain a secure configuration processConfiguration sécurisée et durcissement
- NIST 800-53EquivalentOfficial mapping
Source: NIST SP 800-53 Rev. 5 / ISO/IEC 27001
CM-6 Configuration settingsConfiguration sécurisée et durcissement
- Cyber EssentialsEquivalentCuratedCE-2 Secure configuration
Configuration sécurisée et durcissement
- Cyber EssentialsPartialCuratedCE-1 Firewalls
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-5 Application control
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-6 Restrict Microsoft Office macros
Configuration sécurisée et durcissement
- Essential EightPartialCuratedE8-7 User application hardening
Configuration sécurisée et durcissement
- NIST 800-171EquivalentCurated3.4.2 Establish and enforce security configuration settings
Configuration sécurisée et durcissement
- NIST CSF 2.0EquivalentCuratedPR.PS-01 Configuration management practices established
Configuration sécurisée et durcissement
- PCI DSSEquivalentCuratedReq. 2 Apply secure configurations to all system components
Configuration sécurisée et durcissement