NIST 800-53 REV 5 • CONFIGURATION MANAGEMENT

CM-2(2)Automation Support for Accuracy and Currency

Maintain the currency, completeness, accuracy, and availability of the baseline configuration of the system using {{ insert: param, cm-02.02_odp }}.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

Automated mechanisms that help organizations maintain consistent baseline configurations for systems include configuration management tools, hardware, software, firmware inventory tools, and network management tools. Automated tools can be used at the organization level, mission and business process level, or system level on workstations, servers, notebook computers, network components, or mobile devices. Tools can be used to track version numbers on operating systems, applications, types of software installed, and current patch levels. Automation support for accuracy and currency can be satisfied by the implementation of [CM-8(2)](#cm-8.2) for organizations that combine system component inventory and baseline configuration activities.

Practitioner Notes

This enhancement requires automated tools to keep your baseline documentation accurate and current — manual tracking is too slow and error-prone for complex environments.

Example 1: Use Microsoft Defender for Endpoint to automatically inventory installed software and settings across all endpoints and flag deviations from the approved baseline.

Example 2: Deploy Ansible or Puppet to define your baseline as code and automatically detect and report configuration drift across your server fleet.

More Configuration Management Controls

CM-1 Policy and Procedures CM-2 Baseline Configuration CM-2(1) Reviews and Updates CM-2(3) Retention of Previous Configurations