NIST SP 800-53 Rev 5 — Configuration Management (CM) family
NIST SP 800-53 Rev 5 — Configuration Management (CM) family — 50% covered.
2 requirements · 1 enforced · 0 designed · 0 advisory · 0 deferred.
Source: NIST SP 800-53 Rev 5 — Configuration Management (CM) family — US federal control catalogue (security & privacy controls). KYE Protocol™ governs the SUBSET that resolves at the action boundary — the moment an AI-driven production action (a rollback / hotfix / infra-change) moves toward a consequential effect — under a recorded change-authority decision, with the change-class due-diligence recorded, replay-provable provenance, and named sign-off. KYE does not detect the incident, perform RCA, monitor the system, or operate the change-management tooling. · License: NIST SP 800-53 is a US federal publication in the public domain; KYE registry cites the CM control family for mapping purposes.
By category
| Category | Reqs | Enforced | Designed | Advisory | Deferred | Coverage |
|---|---|---|---|---|---|---|
| Configuration change control — authority & impact analysis (enforced action-boundary subset) | 1 | 1 | 0 | 0 | 0 | 100% |
| Configuration baseline & inventory (out-of-scope — config-management / devsecops) | 1 | 0 | 0 | 0 | 0 | 0% |
Every requirement → the KYE™ artefact that enforces it
| ID | Title | Status | KYE™ enforcement |
|---|---|---|---|
nist-800-53-cm.cm-3-configuration-change-control |
CM-3 Configuration change control: an AI-proposed change is approved & impact-analysed before commit, with a retained change record | enforced | rule_packs: kye:rule-pack:production-action-authoritydictionaries: internalengines: internal, internal, internalaudit_events: kye.purpose.request.v1, kye.purpose.admissibility.v1, kye.evidence.decision_map.v1, kye.evidence.pack.v1constitution_refs: constitution/12-PURPOSE-PERMISSION.md, constitution/13-RESILIENCE-LOOP.md |
nist-800-53-cm.cm-2-baseline-inventory |
CM-2 baseline configuration & CM-8 component inventory maintenance | out-of-scope | (no enforcement cited) |