STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 4 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

CM-5 (3)

Configuration ManagementRev 3

Access Restrictions for Change

CCI Identifiers (6)

CCI-000351The organization defines critical software programs that the information system will prevent from being installed if such software programs are not signed with a recognized and approved certificate.CCI-000352The information system prevents the installation of organization-defined critical software programs that are not signed with a certificate that is recognized and approved by the organization.CCI-001747The organization defines critical software components the information system will prevent from being installed without verification the component has been digitally signed using a certificate that is recognized and approved by the organization.CCI-001748The organization defines critical firmware components the information system will prevent from being installed without verification the component has been digitally signed using a certificate that is recognized and approved by the organization.CCI-001749The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.CCI-001750The information system prevents the installation of organization-defined firmware components without verification the firmware component has been digitally signed using a certificate that is recognized and approved by the organization.

Linked STIG Checks (113)

Across 62 STIGs. Click to expand.