Logo

CISOBot - Your AI CISO Assistant

CHG-04

Access Restriction For Change

Weight: 8/10
Description

Mechanisms exist to enforce configuration restrictions in an effort to restrict the ability of users to conduct unauthorized changes.

Control Question

Does the organization enforce configuration restrictions in an effort to restrict the ability of users to conduct unauthorized changes?

Control Metadata
Domain:

Change Management

Validation Cadence:

Annual

Evidence Request List:

E-HRS-13 E-IAM-02

Have questions about this control?

Ask CISOBot for implementation guidance and best practices