CM-7(5)—Authorized Software -- Allow-By-Exception
>Control Description
Enterprises should define requirements and deploy appropriate processes to specify allowable software. This can be aided by defining a requirement to use only reputable software. This can also include requirements for alerts when new software and updates to software are introduced into the enterprise’s environment. An example of such requirements is to allow open source software only if the code is available for an enterprise’s evaluation and determined to be acceptable for use
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.