NIST 800-53 REV 5 • CONFIGURATION MANAGEMENT

CM-6(3) Unauthorized Change Detection

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement was incorporated into SI-7. It previously focused on detecting unauthorized changes to configuration settings.

Example 1: Deploy Tripwire or AIDE to monitor critical configuration files (like /etc/passwd, registry hives, or firewall rules) and alert on any unauthorized changes.

Example 2: Use AWS Config or Azure Policy compliance dashboards to continuously monitor for configuration drift from your approved settings.