Documentation Index

Fetch the complete documentation index at: https://kb.northerndatasolutions.com/llms.txt

Use this file to discover all available pages before exploring further.

CIS-8.1.2.3 — Address Unauthorized Software

  • Published on May 3, 2026
  • 1 minute(s) read
  • CT
 Prev Next

CIS-8.1.2.3 — Address Unauthorized Software

Domain: CIS Control 2  |  Safeguard: CIS-8.1.2.3  |  Asset Class: Software  |  Security Function: Respond  |  Source: CIS Controls v8.1.2 (March 2025)

Implementation Groups:

IG1IG2IG3

Ensure that unauthorized software is either removed from use on enterprise assets or receives a documented exception.

Executive Summary (For Leadership and the Board)

CIS Safeguard CIS-8.1.2.3 sits inside Control 2 (Software / Respond). Mature programs treat this as a measured, recertified, and audit-evidenced control. The Safeguard maps to NIST SP 800-53 Rev. 5 CM-7, CM-10/11, SI-7 and to NIST CSF 2.0 ID.AM, PR.PS.

Tags: CIS-8.1.2.3, cis-controls, cis-v8-1, ig3, control-2, asset-class-software, function-respond

Related articles