CM-7.2: Prevent Program Execution

Statement

• Prevent program execution in accordance with cm-07.02_odp.01 .

  • • Guidance:

      This control refers to software deployment by CSP personnel into the production environment. The control requires a policy that states conditions for deploying software. This control shall be implemented in a technical manner on the information system to only allow programs to run that adhere to the policy (i.e. allow-listing). This control is not to be based off of strictly written policy on what is allowed or not allowed to run.