NIST 800-53 REV 5 • CONFIGURATION MANAGEMENT
CM-5(1) — Automated Access Enforcement and Audit Records
Enforce access restrictions using {{ insert: param, cm-05.01_odp }}; and automatically generate audit records of the enforcement actions.
Supplemental Guidance
Organizations log system accesses associated with applying configuration changes to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes.
Practitioner Notes
This enhancement requires automated tools to enforce access restrictions for changes and to create audit trails of who changed what and when.
Example 1: Enable Azure Activity Log or AWS CloudTrail to automatically record every configuration change, including who made it and when.
Example 2: Configure Windows Event Forwarding to collect audit logs from all servers showing administrative actions, and send them to your SIEM for monitoring.
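The following is an added example, not part of the NIST text or the notes above. It shows how change records like those from Example 1 can be reduced to who changed what and when, with denied attempts kept as evidence of enforcement. It assumes the CloudTrail record fields `eventTime`, `eventSource`, `eventName`, `readOnly`, `errorCode` and `userIdentity.arn`; the sample records, account ID and the `APPROVED_CHANGERS` allow-list are constructed for illustration.

```python
import json

# Constructed CloudTrail-style management events (not real account data).
SAMPLE_EVENTS = json.loads("""
[
 {"eventTime": "2024-05-01T10:15:00Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "AuthorizeSecurityGroupIngress", "readOnly": false,
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}},
 {"eventTime": "2024-05-01T10:16:30Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "DescribeInstances", "readOnly": true,
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}},
 {"eventTime": "2024-05-01T11:02:10Z", "eventSource": "s3.amazonaws.com",
  "eventName": "PutBucketPolicy", "readOnly": false, "errorCode": "AccessDenied",
  "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/dev/bob"}},
 {"eventTime": "2024-05-01T11:30:45Z", "eventSource": "iam.amazonaws.com",
  "eventName": "AttachRolePolicy", "readOnly": false,
  "userIdentity": {"arn": "arn:aws:iam::111122223333:user/carol"}}
]
""")

# Hypothetical allow-list of principals approved to make configuration changes.
APPROVED_CHANGERS = {"arn:aws:iam::111122223333:user/alice"}

# Error codes that indicate the access restriction itself blocked the call.
DENIAL_CODES = {"AccessDenied", "Client.UnauthorizedOperation"}

def change_audit(events, approved):
    """Return one row per change attempt: when, who, what, and the outcome."""
    rows = []
    for ev in events:
        if ev.get("readOnly", False):
            continue  # read-only calls do not change configuration
        who = ev.get("userIdentity", {}).get("arn", "unknown")
        error = ev.get("errorCode")
        if error in DENIAL_CODES:
            outcome = "denied"        # the access restriction was enforced
        elif error:
            outcome = "failed"        # the call failed for another reason
        elif who in approved:
            outcome = "allowed"
        else:
            outcome = "unapproved"    # change succeeded outside the allow-list
        rows.append({"when": ev["eventTime"], "who": who,
                     "what": f'{ev["eventSource"]}:{ev["eventName"]}',
                     "outcome": outcome})
    return sorted(rows, key=lambda r: r["when"])  # ISO 8601 UTC sorts as text

if __name__ == "__main__":
    for row in change_audit(SAMPLE_EVENTS, APPROVED_CHANGERS):
        print(row)
```

Rows marked `unapproved` are the ones to review first: the change succeeded even though the principal was not on the approved list.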