This article lists free and commercial tools that a company can use to help comply with CIS Controls 10 and 11.
This document provides tips, tools, and techniques for leading a successful change initiative
This document provides guidance on Microsoft security features and tools that can be used to harden Windows 10 Enterprise Edition.
This is a summary page for the 140+ configuration guidelines for various technology groups to safeguard systems developed by CIS.
Cyber Management Alliance is company that offers consulting services for change management specifically security change management.
This document highlights and summarizes the types of choices, and the related decisions, that need to be made prior to starting the planning process.
The Security Technical Implementation Guides (STIGs) are the configuration standards for DOD IA and IA-enabled devices/systems. The STIGs contain technical guidance to “lock down” information systems/software that might otherwise be vulnerable to a malicious computer attack.
DoD Instruction 8551.01 Ports, Protocols, and Services Management (PPSM) standardizes procedures to catalog, regulate, and control the use and management of protocols in the Internet protocol suite, and associated ports (also known as protocols, data services, and associated ports or ports, protocols, and services); also referred to as PPS on DoD information networks (DODIN) including the connected information systems, platform information technology (IT) systems, platform IT (PIT), and products based on the potential that unregulated PPSM can damage DoD operations and interests and applies to all PPS used throughout planned, newly developed, acquired, and existing DODIN (whether used internal or external to the enclave), which include DoD Information Technology (IT).
The purpose of this procedure is to facilitate the implementation of security control requirements for the Configuration Management control family, as identified in NIST SP 800-53.
This site provides various resources for the change management process based on ITIL. It also allows for a free ITSM trial.