• Tenable
  • Audits
  • Settings
    Links
    Tenable Cloud Tenable Community & Support Tenable University
    Theme
  • Tenable
  • Plugins
  • Overview
  • Plugins Pipeline
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • Tenable OT Security Families
  • Tenable Cloud Security Families
  • Tenable Self-Hosted Container Security Families
  • About Plugin Families
  • Release Notes
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • Release Notes
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
    • Links
    • Tenable Cloud
    • Tenable Community & Support
    • Tenable University
    • Settings
    • Theme
Detections
  • Plugins
  • Overview
  • Plugins Pipeline
  • Release Notes
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • Tenable OT Security Families
  • Tenable Cloud Security Families
  • Tenable Self-Hosted Container Security Families
  • About Plugin Families
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • Release Notes
Analytics
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
  1. Audits
  2. References
  3. 800-53
  4. CM-3e.
  1. 800-53

800-53|CM-3e.

Title

CONFIGURATION CHANGE CONTROL

Description

Retains records of configuration-controlled changes to the information system for [Assignment: organization-defined time period];

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Category: CONFIGURATION MANAGEMENT

Family: CONFIGURATION MANAGEMENT

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4.4 Ensure boot loader does not allow removable mediaUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
1.6.1.10 Ensure system device files are labeled.UnixCIS Amazon Linux 2 STIG v2.0.1 STIG
2.2.21 Ensure the TFTP server has not been installedUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.UnixCIS Amazon Linux 2 STIG v2.0.1 L1 Server
4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts.UnixCIS Amazon Linux 2 STIG v2.0.1 STIG
5.3.30 Ensure SSH does not permit GSSAPIUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
5.3.31 Ensure SSH does not permit Kerberos authenticationUnixCIS Amazon Linux 2 STIG v2.0.1 STIG
5.5.9 Ensure local interactive user accounts umask is 077UnixCIS Amazon Linux 2 STIG v2.0.1 STIG
FireEye - Configuration auditing logs the required number of changesFireEyeTNS FireEye
  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2026 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance