CM-4: Impact Analyses

From NIST's SP800-53:

Analyze changes to the system to determine potential security and privacy impacts prior to change implementation.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID Description
PR.IP-1 A baseline configuration of information technology/industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)
PR.IP-3 Configuration change control processes are in place