KSI-CMT-RMVImplementation guide coming soonRedeploying vs Modifying
CMT — Change Management
NIST 800-53: cm-2, cm-3, cm-5, cm-6, cm-7, cm-8.1, si-3
- Who this is for
- Cloud service providers
- Service class
- All service classes
- Implementation guidance
- Official source only
- Evidence automation
- Not published
Reviewed implementation guidance for KSI-CMT-RMV is not published yet. The official source below remains complete and authoritative.
Official FedRAMP source
Verbatim from FedRAMP/rules
Changes to machine-based information resources are executed through the redeployment of version controlled resources rather than direct modification wherever reasonable.
Content provenance
Official requirement text is sourced from FedRAMP/rules . Boundera implementation guidance has not been fully reviewed for this item.