The IT Law Wiki

Configuration control

32,297pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

Configuration control is the

[p]rocess for controlling modifications to hardware, firmware, software, and documentation to protect the information system against improper modifications before, during, and after system implementation.[1]
[a]n element of configuration management, consisting of the evaluation, coordination, approval or disapproval, and implementation of changes to configuration items after formal establishment of their configuration identification.[2]

Overview Edit

"Configuration control helps protect against unauthorized or malicious alteration of a system and thus provides assurance of system integrity."[3]

References Edit

  1. CNSSI 4009, at 32; NIST Special Publication 800-53.
  2. Information Technology: An Audit Guide For Assessing Acquisition Risks, Glossary, at 90.
  3. IETF Network Working Group, Internet Security Glossary, Version 2 (RFC 4949) (Aug. 2007).

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki