Definitions Edit

Configuration control is the

[p]rocess for controlling modifications to hardware, firmware, software, and documentation to protect the information system against improper modifications before, during, and after system implementation.[1]
[a]n element of configuration management, consisting of the evaluation, coordination, approval or disapproval, and implementation of changes to configuration items after formal establishment of their configuration identification.[2]

Overview Edit

"Configuration control helps protect against unauthorized or malicious alteration of a system and thus provides assurance of system integrity."[3]

References Edit

  1. CNSSI 4009, at 32; NIST Special Publication 800-53.
  2. Information Technology: An Audit Guide For Assessing Acquisition Risks, Glossary, at 90.
  3. IETF Network Working Group, Internet Security Glossary, Version 2 (RFC 4949) (Aug. 2007).

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.