The organization establishes configuration settings for information technology products employed within the information system using organization-defined security configuration checklists.
No STIG checks reference this CCI.