|

controlCM-4

Impact Analyses (CM-4)

Analyze changes to the system to determine potential security and privacy impacts prior to change implementation.

Security Baselines

LOWMODERATEHIGH

configurationbaselineschange-control

Why These Connect

Baselined In3

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports26

These related controls work together — a change to one may affect the others.

Enhances2

These enhancements add specific capabilities or refinements to the base control.

Related Controls(18)

CA-7Continuous Monitoring (CA-7)

CM-3Configuration Change Control (CM-3)

CM-8System Component Inventory (CM-8)

CM-9Configuration Management Plan (CM-9)

MA-2Controlled Maintenance (MA-2)

RA-3Risk Assessment (RA-3)

RA-5Vulnerability Monitoring and Scanning (RA-5)

RA-8Privacy Impact Assessments (RA-8)SA-5System Documentation (SA-5)

SA-8Security and Privacy Engineering Principles (SA-8)

SA-10Developer Configuration Management (SA-10)

SI-2Flaw Remediation (SI-2)

CM-13Data Action Mapping (CM-13)PM-31Continuous Monitoring Strategy (PM-31)SA-11Developer Testing and Evaluation (SA-11)

SC-3Security Function Isolation (SC-3)

SC-7Boundary Protection (SC-7)

SI-6Security and Privacy Function Verification (SI-6)

Control Enhancements(2)

CM-4(1)Separate Test Environments (CM-4(1))

CM-4(2)Verification of Controls (CM-4(2))

See Also

@SP 800-53 Overview ⚖Compare Baselines