For our ISMS we need to have a "Configuration Management Policy & Procedure" to address the requirements of external parties (ex: regulators).
I do not see any template for the same in the toolkit provided. Kindly assist on the Configuration Management Policy to help address below requirements.
- A configuration management policy and procedure including a baseline of the software configuration of individual assets - baseline config is part of asset register & standardized
- Documentation supporting a detection solution in place within the User Systems - only system admin have access to install
- The implementation of solutions to detect and prevent the installation or execution of unauthorized software - only system admin have access to install
- Documented procedures for reporting and remediating the installation or execution of unauthorized software - only system admin have access to install