Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >SP 800-53
  3. >Configuration Management
  4. >SP800-53-CM-14
SP800-53-CM-14Active

Signed Components

Statement

Prevent the installation of software components; firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization.

Location

Control Family
Configuration Management

Control Details

Identifier
SP800-53-CM-14
Family
CM

Organisation-Defined Parameters

cm-14_odp.01
software components
cm-14_odp.02
firmware components

Supplemental Guidance

Software and firmware components prevented from installation unless signed with recognized and approved certificates include software and firmware version updates, patches, service packs, device drivers, and basic input/output system updates. Organizations can identify applicable software and firmware components by type, by specific items, or a combination of both. Digital signatures and organizational verification of such signatures is a method of code authentication.

Assessment Objective

the installation of software components is prevented unless it is verified that the software has been digitally signed using a certificate recognized and approved by the organization; the installation of firmware components is prevented unless it is verified that the firmware has been digitally signed using a certificate recognized and approved by the organization.

No cross-framework mappings available

← Back to Configuration Management
Configuration Management66 controls
SP800-53-CM-1Policy and ProceduresSP800-53-CM-2Baseline ConfigurationSP800-53-CM-2(1)Reviews and UpdatesSP800-53-CM-2(2)Automation Support for Accuracy and CurrencySP800-53-CM-2(3)Retention of Previous ConfigurationsSP800-53-CM-2(4)Unauthorized SoftwareSP800-53-CM-2(5)Authorized SoftwareSP800-53-CM-2(6)Development and Test EnvironmentsSP800-53-CM-2(7)Configure Systems and Components for High-risk AreasSP800-53-CM-3Configuration Change ControlSP800-53-CM-3(1)Automated Documentation, Notification, and Prohibition of ChangesSP800-53-CM-3(2)Testing, Validation, and Documentation of ChangesSP800-53-CM-3(3)Automated Change ImplementationSP800-53-CM-3(4)Security and Privacy RepresentativesSP800-53-CM-3(5)Automated Security ResponseSP800-53-CM-3(6)Cryptography ManagementSP800-53-CM-3(7)Review System ChangesSP800-53-CM-3(8)Prevent or Restrict Configuration ChangesSP800-53-CM-4Impact AnalysesSP800-53-CM-4(1)Separate Test EnvironmentsSP800-53-CM-4(2)Verification of ControlsSP800-53-CM-5Access Restrictions for ChangeSP800-53-CM-5(1)Automated Access Enforcement and Audit RecordsSP800-53-CM-5(2)Review System ChangesSP800-53-CM-5(3)Signed ComponentsSP800-53-CM-5(4)Dual AuthorizationSP800-53-CM-5(5)Privilege Limitation for Production and OperationSP800-53-CM-5(6)Limit Library PrivilegesSP800-53-CM-5(7)Automatic Implementation of Security SafeguardsSP800-53-CM-6Configuration SettingsSP800-53-CM-6(1)Automated Management, Application, and VerificationSP800-53-CM-6(2)Respond to Unauthorized ChangesSP800-53-CM-6(3)Unauthorized Change DetectionSP800-53-CM-6(4)Conformance DemonstrationSP800-53-CM-7Least FunctionalitySP800-53-CM-7(1)Periodic ReviewSP800-53-CM-7(2)Prevent Program ExecutionSP800-53-CM-7(3)Registration ComplianceSP800-53-CM-7(4)Unauthorized Software — Deny-by-exceptionSP800-53-CM-7(5)Authorized Software — Allow-by-exceptionSP800-53-CM-7(6)Confined Environments with Limited PrivilegesSP800-53-CM-7(7)Code Execution in Protected EnvironmentsSP800-53-CM-7(8)Binary or Machine Executable CodeSP800-53-CM-7(9)Prohibiting The Use of Unauthorized HardwareSP800-53-CM-8System Component InventorySP800-53-CM-8(1)Updates During Installation and RemovalSP800-53-CM-8(2)Automated MaintenanceSP800-53-CM-8(3)Automated Unauthorized Component DetectionSP800-53-CM-8(4)Accountability InformationSP800-53-CM-8(5)No Duplicate Accounting of ComponentsSP800-53-CM-8(6)Assessed Configurations and Approved DeviationsSP800-53-CM-8(7)Centralized RepositorySP800-53-CM-8(8)Automated Location TrackingSP800-53-CM-8(9)Assignment of Components to SystemsSP800-53-CM-9Configuration Management PlanSP800-53-CM-9(1)Assignment of ResponsibilitySP800-53-CM-10Software Usage RestrictionsSP800-53-CM-10(1)Open-source SoftwareSP800-53-CM-11User-installed SoftwareSP800-53-CM-11(1)Alerts for Unauthorized InstallationsSP800-53-CM-11(2)Software Installation with Privileged StatusSP800-53-CM-11(3)Automated Enforcement and MonitoringSP800-53-CM-12Information LocationSP800-53-CM-12(1)Automated Tools to Support Information LocationSP800-53-CM-13Data Action MappingSP800-53-CM-14Signed Components