CIS Controls v8

CIS 4 Secure Configuration of Enterprise Assets and Software

Starts in IG1 | Apply hardened baselines to minimize misconfiguration risk.

Implementation Actions

Define baseline standards.
Scan for drift continuously.
Track and close high-risk deviations.

Evidence Examples

Baseline standards
Compliance scan reports
Exception approvals

Suggested Metrics

Baseline compliance rate
Critical drift remediation time

Navigation

Back to All 18 CIS Controls NIST CSF 2.0 Guidance FedRAMP Guidance Cybersecurity Glossary